Wednesday, March 28, 2012

Restrict Database Viewing

One of our programmers is going to write a program that involves some
sensitive data stored in the SQL server, using visual basic. Is there a way
to restrict him from viewing the data in the database, yet allowing him to d
o
his programming and debugging?Rather than developing against the live production database, consider
developing the application against a test database with identical schema.
You can use test data or obfuscated production data for testing.
Hope this helps.
Dan Guzman
SQL Server MVP
"wrytat" <wrytat@.discussions.microsoft.com> wrote in message
news:5118B0AD-451A-406E-81F9-F6EFA426B00E@.microsoft.com...
> One of our programmers is going to write a program that involves some
> sensitive data stored in the SQL server, using visual basic. Is there a
> way
> to restrict him from viewing the data in the database, yet allowing him to
> do
> his programming and debugging?|||I spend a lot of time writing apps against sensitive data, and often have to
explain to clients that valid data is needed to test against.
If you want to limit access to certain tables just create a user with
disabled access to sensitive table and allow only access to tables they will
use.
If the tables that they need, have actual sensitive data in them, then
create a duplicate database with different user and change some data.
i.e.. if its salary then directly edit the duplicate database and change all
the names and passwords to random data.
My suggestion is to have a third reliable party to backup database change
the sensitive data and return with another database name.
Then just hand that database on cd to your programmer.
As a second thought if its only reading i.e.. reports then create required
tables and fields as views.
"wrytat" <wrytat@.discussions.microsoft.com> wrote in message
news:5118B0AD-451A-406E-81F9-F6EFA426B00E@.microsoft.com...
> One of our programmers is going to write a program that involves some
> sensitive data stored in the SQL server, using visual basic. Is there a
> way
> to restrict him from viewing the data in the database, yet allowing him to
> do
> his programming and debugging?

No comments:

Post a Comment