March 18, 2004 at 12:54 am
Hi,
Need help as how to prevent the dba's or DB administrators to see records from user tables without prevnting them from doing administration/DBA tasks (e.g. table creation, field modification, etc.)
thanks...
March 18, 2004 at 1:02 am
encryption
March 18, 2004 at 1:12 am
thanks for the reply...
We actually plan to do encryption but it still needs to be acquired. I was hoping to know any way that can be implemented easily like through server roles and permissions.
We prevented the account from doing select statement but unfortuantely it prevented the user to modify the table structure. We even put the account under db_denydatareader and denydatawriter but it also prevented the user to modify table fields. Adding it back to db_owner role just open the records for viewing.
March 19, 2004 at 8:34 am
learn to trust your DBA* - the simplest solution.
Think how much is your data worth ... and pay him/her as he/she deserves.
Arti
* - or get one you can trust (but first give the the current one a chance)
March 19, 2004 at 8:53 am
I second ..................More trust seems like a great solution
Mike
March 19, 2004 at 9:28 am
The DBA needs to be a member of the sysadmin server role with complete access to do everything/see everything. Thats the nature of the job. If you encrypt the data your application will have to decrypt the data. Fine. The DBA will still be able to select data but they will see encrypted data. Trust your employees. Access can be controlled for other than DBA's by ensuring data is normally accessable only via the application by giving access only to stored procs, but the DBA still has access.
Francis
March 19, 2004 at 2:19 pm
How the heck are you supposed to administrate a database if you can't even see the data? That makes no sense at all. I wouldn't/couldn't work at a place like that...
Manager: "Hey, can you set up a new procedure?"
DBA: "Sure, what do you want it to do?"
Manager: "I need this data summarized and sent to our client every week"
DBA: "Uh, what data?"
Manager: "I can't show you that."
DBA: "Uh..."
Signature is NULL
March 19, 2004 at 3:35 pm
First and foremost. Your DBA has the sole responsibility for keeping things up and running. You take his abilities to troubleshoot away you are essentially asking them to make sure SQL is running and nothing more. Ultimately someone has to be trusted with the data even for the encryption process or noone will be able to fix things that break and suppose a customer was seeing someone elses data, you now have exactly what you don't want.
You either have to trust them or fire them and find someone you can trust. Make sure you have a confidientially clause in their contract so you have proper legal recourse if someone does betray your company.
Sorry but paranoia of who can see what they have too is a bit over the top in my personal opinion.
However I would suggest only the DBA have access to the production system at the level of need he will have and have a few DBA's not a lot.
March 21, 2004 at 8:37 pm
Hi,
Really appreaciate all the response to my query.
On a personal standpoint as a DBA, I too am not a fan of preventing the DBA's from seeing the data since administration requires access to records that are essential for his troubleshooting. It's just that I feel that our management is somewhat having second though on trusting their DBA's.
Again, thanks for the insights.
March 22, 2004 at 9:16 am
Are you offshore your DBA job !! Bad idea....
Viewing 10 posts - 1 through 9 (of 9 total)
You must be logged in to reply to this topic. Login to reply