Friday, March 30, 2012

Is it possible to prevent databases from being copied?

Hi,

We have a point of sale application (C# .NET 2.0) and a SQL Server 2005 database back end.

Our customers are concerned that employees could create a backup of the SQL Server database (or even of the MDF file) and use it to steel customer data.

Very often, the application is running on a single PC in a shop using SQL Server Express Edition 2005 under Windows XP. The users usually log on as local administrator. It's hard for us to force our customers to change their local security policies.

Ideally, I would like some form of security mechanism that prevents a backup from being restored on to another PC without either a password or some other form of authentication.

Is this possible?

Regards,

Sigol.

I'm assuming you meant 'steal' (to take), rather than 'steel' (to harden).

There are several issues.

1. As you noted, a backup 'could' be restored on another server. Various third party backup programs allow passwords and encryption for backups. Any SQL Admin can create a backup that can be restored elsewhere.
2. A SQL administrator could take the database 'offline' for a few minutes and copy the data file (*.mdf).
3. A local administrator could shut down the SQL Service for a few minutes and copy the data file (*.mdf).
4. Even with an encrypted database, or tables, or even specific columns, a local SQL Administrator can usually get around the protections.

Don't allow any local administrators to be in the SQL Admins role.

So if you are concerned about protecting a database, the 'best' solution, in a situation where you can't control the local administrators, is to look into database encryption using encryption keys, or better yet, certificates.
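
The certificate-based encryption suggested above, sketched for SQL Server 2005 as an added example that is not part of the original thread. The table, column, certificate and key names are hypothetical, the rows are constructed sample data, and the password is a placeholder the application would supply at run time.

```sql
-- Constructed sample table; all object names are hypothetical.
CREATE TABLE dbo.CustomerDemo (
    CustomerId    int            NOT NULL PRIMARY KEY,
    CardNumber    varchar(32)    NULL,   -- plaintext, dropped after migration
    CardNumberEnc varbinary(256) NULL    -- ciphertext
);
INSERT INTO dbo.CustomerDemo (CustomerId, CardNumber) VALUES (1, '4111111111111111');
INSERT INTO dbo.CustomerDemo (CustomerId, CardNumber) VALUES (2, '5500000000000004');
GO

-- The certificate's private key is protected by a password instead of the
-- database master key, so the key chain cannot be opened automatically.
-- The password below is a placeholder; do not store the real one in the database.
CREATE CERTIFICATE CustomerDataCert
    ENCRYPTION BY PASSWORD = 'Replace-With-Strong-Passphrase-1!'
    WITH SUBJECT = 'Customer data protection';
GO

-- TRIPLE_DES is used because SQL Server 2005 does not support AES on Windows XP.
CREATE SYMMETRIC KEY CustomerDataKey
    WITH ALGORITHM = TRIPLE_DES
    ENCRYPTION BY CERTIFICATE CustomerDataCert;
GO

-- The application opens the key with the password for the current session only.
OPEN SYMMETRIC KEY CustomerDataKey
    DECRYPTION BY CERTIFICATE CustomerDataCert
    WITH PASSWORD = 'Replace-With-Strong-Passphrase-1!';

-- The row id is used as an authenticator so ciphertext cannot be moved between rows.
UPDATE dbo.CustomerDemo
SET CardNumberEnc = EncryptByKey(Key_GUID('CustomerDataKey'), CardNumber,
                                 1, CONVERT(varbinary(8), CustomerId)),
    CardNumber = NULL;

-- Reads succeed only while the key is open; otherwise DecryptByKey returns NULL.
SELECT CustomerId,
       CONVERT(varchar(32),
               DecryptByKey(CardNumberEnc, 1, CONVERT(varbinary(8), CustomerId))) AS CardNumber
FROM dbo.CustomerDemo;

CLOSE SYMMETRIC KEY CustomerDataKey;
GO
```

A backup or copied MDF still restores on another PC, but the encrypted column stays unreadable there without the certificate password. Anyone who can obtain that password, for example from the application, can still decrypt the data.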

|||

Thank you for your comments, Arnie. This was very helpful to me.

Regards,

Sigol.

|||

Arnie Rowland wrote:

I'm assuming you meant 'steal' (to take), rather than 'steel' (to harden).

Having a grammatically bad day, Arnie!
