Many SQL Server installations have been done with either little or no consideration to securing the installation itself. Although your internal SQL Server data may seem to be secure, the way that your installation itself has been configured may inadvertently allow malicious or simply curious intruders. This talk will look at some of these gaps - all from real world experience - and show how you can secure your existing SQL Server 2000 installations and also will contrast the improvements made with SQL Server 2005 to make it more secure out of the box.