Tuesday, February 14, 2012

Deny Administrator Access to DB

Hey all,
I am developing an application to track very sensitive company personnel
information. This of course raised the issue of protecting this sensitive
information from everyone not authorized to see it.....including the DB
Administrator. The DB Server (SQL 7) has many databases on it, but the
System Administrator must not be able to access the data in those tables
containing the sensitive information. I have tried denying an SA user
rights to SELECT from a table, but I could still select and view all the
data.
Any ideas?
Jeremy Byron
jbyron@.cynaptec.nb.ns.ca <remove ns to email me>
You cannot stop SA from looking at the tables...
HOWEVER - you CAN log the users that view the data.
For the tables that contain sensitive information, you can put a trigger on
the select, update, and delete to generate a log entry.
Of course, you would ask - "But the DBA can delete those rows". Sure they
can - but you can also log it so that you also have it generate a MSMQ
transaction where you can have a service that processes those records into
an external file store.
I would also recommend seeing the July 2004 edition of SQL Server
Magazine - p.15 on "Privacy Matters" for some other suggestions as well.
=-Chris
"Moi" <moi@.here.com> wrote in message
news:7FF1D2C9B9DB6525.1907DEF59F04D933.8248BD072E33C3AD@.lp.airnews.net...
> Hey all,
> I am developing an application to track very sensitive company personnel
> information. This of course raised the issue of protecting this sensitive
> information from everyone not authorized to see it.....including the DB
> Administrator. The DB Server (SQL 7) has many databases on it, but the
> System Administrator must not be able to access the data in those tables
> containing the sensitive information. I have tried denying an SA user
> rights to SELECT from a table, but I could still select and view all the
> data.
> Any ideas?
> Jeremy Byron
> jbyron@.cynaptec.nb.ns.ca <remove ns to email me>
>

> you can put a trigger on the select,
Are you sure about that? Books Online doesn't seem to agree:
CREATE TRIGGER trigger_name
ON { table | view }
[ WITH ENCRYPTION ]
{
{ { FOR | AFTER | INSTEAD OF } { [ INSERT ] [ , ] [ UPDATE ] [ , ] [ DELETE ] }
http://www.aspfaq.com/
(Reverse address to reply.)
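Since triggers fire only on INSERT, UPDATE and DELETE, the part of Chris's logging suggestion that can actually be implemented is an audit trail of changes to the sensitive rows. The following T-SQL is an added example, not code from either poster; it assumes a hypothetical Personnel table with EmployeeID and Salary columns, uses the SQL 7-era FOR syntax, and reads the inserted/deleted pseudo-tables so that multi-row statements are captured.

```sql
-- Constructed example: hypothetical sensitive table (not from the thread)
CREATE TABLE Personnel (
    EmployeeID int   NOT NULL PRIMARY KEY,
    Salary     money NOT NULL
)
GO

-- Audit table: one row per changed Personnel row
CREATE TABLE PersonnelAudit (
    AuditID    int      IDENTITY(1,1) PRIMARY KEY,
    Action     char(1)  NOT NULL,      -- 'U' = update, 'D' = delete
    EmployeeID int      NOT NULL,
    OldSalary  money    NULL,
    NewSalary  money    NULL,
    ChangedBy  sysname  NOT NULL,      -- login that ran the statement
    ChangedAt  datetime NOT NULL
)
GO

-- FOR (not AFTER) keeps this valid on SQL Server 7.
-- There is no SELECT trigger, so plain reads of Personnel are NOT recorded here,
-- and an sa login can still disable or drop this trigger; this only raises the
-- cost of a silent change, it does not block the administrator.
CREATE TRIGGER trg_Personnel_Audit
ON Personnel
FOR UPDATE, DELETE
AS
BEGIN
    SET NOCOUNT ON

    -- Rows in "deleted" with no matching row in "inserted" were deleted
    INSERT PersonnelAudit (Action, EmployeeID, OldSalary, NewSalary, ChangedBy, ChangedAt)
    SELECT 'D', d.EmployeeID, d.Salary, NULL, SUSER_SNAME(), GETDATE()
    FROM deleted d
    WHERE NOT EXISTS (SELECT 1 FROM inserted i WHERE i.EmployeeID = d.EmployeeID)

    -- Rows present in both pseudo-tables were updated: record before and after
    INSERT PersonnelAudit (Action, EmployeeID, OldSalary, NewSalary, ChangedBy, ChangedAt)
    SELECT 'U', d.EmployeeID, d.Salary, i.Salary, SUSER_SNAME(), GETDATE()
    FROM deleted d
    JOIN inserted i ON i.EmployeeID = d.EmployeeID
END
GO
```

Because the DBA can also alter PersonnelAudit, the audit rows are only trustworthy once they have been copied off the server, which is the role the MSMQ hand-off in Chris's reply plays.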
