Are linked server connections inherently insecure?
I recently had a conversation with a friend who had been told by another DBA that using linked servers in Microsoft SQL server was inherently insecure as well as being a performance problem. My experience is that linked server connections using optimized SQL statements (and the key here is optimized SQL statements) do not suffer from performance issues. Also, when the current security context is used and not embedded credentials, then I don't see why they would be considered inherently insecure. Seems to me that linked server connections are as secure as any other connection. I would appreciate your thoughts on this matter.
Inherently insecure or always a performance problem? I'd say both of those generalizations are not true and depend on the specific implementation. As you already partially stated, using the current security context *with Windows authentication* is the best option. This is ideal for Windows auth, but if you are using SQL Server authentication, this will send the username and password to the other server. Regarding performance, (almost) any query solely against a local server will perform better than one accessed via a linked server. Having said that, performance is a relative measurement. Depending on the query, it might not make much of a difference. Checking 1 row of user information on a remote server is fine. Joining a billion row local table with a billion row remote table is probably not.