June 26, 2013 at 5:06 am
Hello All,
Currently ETL team has access to read/write/delete/drop/alter in Production DW which leads to issues with the integrity of the system and the security model seems to be in a bad shape. We are looking to implement a better security model.
Are there any best practices to be followed and how can we improve the current security system?
Your help would be appreciated
June 26, 2013 at 5:56 am
Yes - apply principle of least privilege.
Only allow DDL access to those who deploy
Only allow write access to those who really need it (typically depoyment team again)
Everyone else just read access (as a maximum). Even reading with NOLOCK can block certain ETL operations, so I'd be careful even with that one.:cool:
Cheers,
JohnA
MCM: SQL2008
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply