Apply Password policy on all SQL Server logins (along with password expiration if possible) to avoid any security compromise.
Best Practice No.28
Understand NOLOCK hint before using this in your transactions\applications – the data you are reading might not be consistent (Dirty Reads)
Best Practice No.27
Always change the Page_Verify Database Option to Checksum after you migrate it to SQL Server 2005 or higher. Checksum is default for databases created on SQL Server 2005+.
Best Practice No.26
Make sure Auto_Shrink is disabled for all Databases on your Production Servers.
Best Practice No.25
Keep your TempDB Files & all other database files on separate disks.
Best Practice No.24
Disable “xp_cmdshell” where it is not required. If this is required for some admin tasks make sure you disable this post completion of the activity to reduce surface area.
Best Practice No.23
set start-up mode of Standalone SQL Services to start automatically.
Best Practice No.22
Don’t keep the System Database files & Windows installation on same disk.