Apply Password policy on all SQL Server logins (along with password expiration if possible) to avoid any security compromise.

Understand NOLOCK hint before using this in your transactions\applications – the data you are reading might not be consistent (Dirty Reads)

Always change the Page_Verify Database Option to Checksum after you migrate it to SQL Server 2005 or higher. Checksum is default for databases created on SQL Server 2005+.

Make sure Auto_Shrink is disabled for all Databases on your Production Servers.

Keep your TempDB Files & all other database files on separate disks.

Disable “xp_cmdshell” where it is not required. If this is required for some admin tasks make sure you disable this post completion of the activity to reduce surface area.

set start-up mode of Standalone SQL Services to start automatically.

Don’t keep the System Database files & Windows installation on same disk.