Wednesday, March 28, 2012

restrict access to a database

Hi all,
Okay, we've got a product which has SQL Server as the backend database.
The client has the product as well as the database.
But the DBA at the clients end messes up with the data & we are held
responsible (that the product is what is messing up the data & NOT their
DBA).
How can we prevent this,
ie. try to encrypt the database or restrict access to the database to the
DBA.
Also, another requirement is that we do NOT want them to see the DB
structures, the tables, the data in the Databse!!!!
options,
1. Get them to install a new instance of SQL Server & NOT give the DBA or
anyone the password & have the password embeded in the application (thus
only the application can access the SQL Database).
NOTE : THe product and the SQL Servers WILL have to be at the clients end.
any other options?
Hi
As you don't have the means to stop physical access this is difficult. You
may want to make sure that you are auditing such events. If you want to
carry out encryption then it is probably better on the client as the DBA
will have access to the methods used at the database end. You may also want
to look throught the products and articles on
http://www.sqlsecurity.com/DesktopDe...ndex=0&tabid=1
John
"D.Rudiani" <rudi@.www.com> wrote in message
news:ervb1anWFHA.1796@.TK2MSFTNGP15.phx.gbl...
> Hi all,
> Okay, we've got a product which has SQL Server as the backend database.
> The client has the product as well as the database.
> But the DBA at the clients end messes up with the data & we are held
> responsible (that the product is what is messing up the data & NOT their
> DBA).
> How can we prevent this,
> ie. try to encrypt the database or restrict access to the database to the
> DBA.
> Also, another requirement is that we do NOT want them to see the DB
> structures, the tables, the data in the Databse!!!!
> options,
> 1. Get them to install a new instance of SQL Server & NOT give the DBA or
> anyone the password & have the password embeded in the application (thus
> only the application can access the SQL Database).
> NOTE : THe product and the SQL Servers WILL have to be at the clients end.
> any other options?
>

No comments:

Post a Comment