Friday, February 24, 2012

Access protection on deployed SQL Server

How can we control the accesses to a SQL Server that has been deployed on customer site? Basically, we do not want user to log in the database server, even as sa, except through our application.

Any recommendation?

Thanks,

Xiaodoudou

Hi!

Actually you cannot protect the data files. So although you might restrict the user / administrators from logging on to the database you cannot prevent them deatching the database and attaching it to another instance, making it possible for them to read the content of the database. YOu would need additional file security and prevent the administrator and all other users from accessing the physical files.

HTH, Jens K. Suessmeyer.

http://www.sqlserver2005.de|||

In your case, I assume you have no control over the customer site - if that's the case, then you cannot enforce access only through your application.

Thanks
Laurentiu

No comments:

Post a Comment