SQL Server security
-
Hello MS SQL Server do not have database security, if we stop the service and copy the database file to other computer we can see the schema & data without any password ! So is there is any method for securing the data in SQL Server ? Thanks for any help:rose:
-
Hello MS SQL Server do not have database security, if we stop the service and copy the database file to other computer we can see the schema & data without any password ! So is there is any method for securing the data in SQL Server ? Thanks for any help:rose:
Fad B wrote:
MS SQL Server do not have database security,
Actually, it has quite a lot of security.
Fad B wrote:
if we stop the service and copy the database file to other computer we can see the schema & data without any password
That is due to your misunderstanding of how it works, not a lack of security on the part of SQL Server. If you stop the service that controls the databases there isn't much SQL Server can do to secure your data.
Fad B wrote:
So is there is any method for securing the data in SQL Server
You need to put in place a comprehensive policy of who gets access to the filesystem on the server so that they cannot move files around arbirtrarily. This also applies to backups. Who gets the physical media and where do they go has to be part of a comprehensive security policy. You cannot place all of your security in one location. It is a multifaceted problem that must be tackled on all levels. You have seen that by stopping the SQL Server Service (something that won't happen in normal operation) you can get at the files, move them and attach them thus bypassing the inbuilt security in SQL Server. So, you must therefor secure your file system. There is no single button that you can press on any computer system that will make it secure. As there is no way that it can be done. If you over secure a system then people who have a genuine need cannot access the information they need, if you undersecure it then people who shouldn't have access may be able to gain access. What access is permitted and what is not is determined by the business that it runs in. My: Blog | Photos "Man who stand on hill with mouth open will wait long time for roast duck to drop in." -- Confucius
-
Fad B wrote:
MS SQL Server do not have database security,
Actually, it has quite a lot of security.
Fad B wrote:
if we stop the service and copy the database file to other computer we can see the schema & data without any password
That is due to your misunderstanding of how it works, not a lack of security on the part of SQL Server. If you stop the service that controls the databases there isn't much SQL Server can do to secure your data.
Fad B wrote:
So is there is any method for securing the data in SQL Server
You need to put in place a comprehensive policy of who gets access to the filesystem on the server so that they cannot move files around arbirtrarily. This also applies to backups. Who gets the physical media and where do they go has to be part of a comprehensive security policy. You cannot place all of your security in one location. It is a multifaceted problem that must be tackled on all levels. You have seen that by stopping the SQL Server Service (something that won't happen in normal operation) you can get at the files, move them and attach them thus bypassing the inbuilt security in SQL Server. So, you must therefor secure your file system. There is no single button that you can press on any computer system that will make it secure. As there is no way that it can be done. If you over secure a system then people who have a genuine need cannot access the information they need, if you undersecure it then people who shouldn't have access may be able to gain access. What access is permitted and what is not is determined by the business that it runs in. My: Blog | Photos "Man who stand on hill with mouth open will wait long time for roast duck to drop in." -- Confucius
Colin Angus Mackay wrote:
You need to put in place a comprehensive policy of who gets access to the filesystem on the server so that they cannot move files around arbirtrarily. This also applies to backups. Who gets the physical media and where do they go has to be part of a comprehensive security policy. You cannot place all of your security in one location. It is a multifaceted problem that must be tackled on all levels. You have seen that by stopping the SQL Server Service (something that won't happen in normal operation) you can get at the files, move them and attach them thus bypassing the inbuilt security in SQL Server. So, you must therefor secure your file system. There is no single button that you can press on any computer system that will make it secure. As there is no way that it can be done. If you over secure a system then people who have a genuine need cannot access the information they need, if you undersecure it then people who shouldn't have access may be able to gain access. What access is permitted and what is not is determined by the business that it runs in.
Excellent points made. Security is in the eye of the beholder. PC
-
Colin Angus Mackay wrote:
You need to put in place a comprehensive policy of who gets access to the filesystem on the server so that they cannot move files around arbirtrarily. This also applies to backups. Who gets the physical media and where do they go has to be part of a comprehensive security policy. You cannot place all of your security in one location. It is a multifaceted problem that must be tackled on all levels. You have seen that by stopping the SQL Server Service (something that won't happen in normal operation) you can get at the files, move them and attach them thus bypassing the inbuilt security in SQL Server. So, you must therefor secure your file system. There is no single button that you can press on any computer system that will make it secure. As there is no way that it can be done. If you over secure a system then people who have a genuine need cannot access the information they need, if you undersecure it then people who shouldn't have access may be able to gain access. What access is permitted and what is not is determined by the business that it runs in.
Excellent points made. Security is in the eye of the beholder. PC
Ok, But I did not mean that, I have SQL Desctop Engin & I'm installing it on any PC I need to secure my data schema ! and my data ! Since I put them on install CD... so any one will install the database and get its desin... So any solution to encrypt the database file without the help of the OS ? Thanks
-
Fad B wrote:
MS SQL Server do not have database security,
Actually, it has quite a lot of security.
Fad B wrote:
if we stop the service and copy the database file to other computer we can see the schema & data without any password
That is due to your misunderstanding of how it works, not a lack of security on the part of SQL Server. If you stop the service that controls the databases there isn't much SQL Server can do to secure your data.
Fad B wrote:
So is there is any method for securing the data in SQL Server
You need to put in place a comprehensive policy of who gets access to the filesystem on the server so that they cannot move files around arbirtrarily. This also applies to backups. Who gets the physical media and where do they go has to be part of a comprehensive security policy. You cannot place all of your security in one location. It is a multifaceted problem that must be tackled on all levels. You have seen that by stopping the SQL Server Service (something that won't happen in normal operation) you can get at the files, move them and attach them thus bypassing the inbuilt security in SQL Server. So, you must therefor secure your file system. There is no single button that you can press on any computer system that will make it secure. As there is no way that it can be done. If you over secure a system then people who have a genuine need cannot access the information they need, if you undersecure it then people who shouldn't have access may be able to gain access. What access is permitted and what is not is determined by the business that it runs in. My: Blog | Photos "Man who stand on hill with mouth open will wait long time for roast duck to drop in." -- Confucius
Ok, But I did not mean that, I have SQL Desctop Engin & I'm installing it on any PC I need to secure my data schema ! and my data ! Since I put them on install CD... so any one will install the database and get its desin... So any solution to encrypt the database file without the help of the OS ? Thanks