January 20, 2016 at 2:49 pm
We're re-examining our database server security architecture, as we are starting to migrate our older databases to MSSQL 2012 and 2014. One of the Developers mentioned that a prior decision was made to segregate 2 databases (onto separate instances on separate servers), as one of those databases accessed a webserver in the DMZ (although the db instance is not in the DMZ). The idea was, if these databases were on the same server, if one was compromised via the internet, then the other could be as well. These databases are mutually exclusive of each other when it comes to permissions.
Is this a common practice? I've been looking around for best practices, but most of what I find doesn't go that extra step of discussing putting both internal apps' databases with web app databases into the same MSSQL instance. So the practice I mentioned above, I can't tell if this is sound planning, or an unfounded mistrust of MSSQL security.
Thanks,
--=Chuck
January 20, 2016 at 3:19 pm
chuck.forbes (1/20/2016)
We're re-examining our database server security architecture, as we are starting to migrate our older databases to MSSQL 2012 and 2014. One of the Developers mentioned that a prior decision was made to segregate 2 databases (onto separate instances on separate servers), as one of those databases accessed a webserver in the DMZ (although the db instance is not in the DMZ). The idea was, if these databases were on the same server, if one was compromised via the internet, then the other could be as well. These databases are mutually exclusive of each other when it comes to permissions.Is this a common practice? I've been looking around for best practices, but most of what I find doesn't go that extra step of discussing putting both internal apps' databases with web app databases into the same MSSQL instance. So the practice I mentioned above, I can't tell if this is sound planning, or an unfounded mistrust of MSSQL security.
Thanks,
--=Chuck
Quick thought,
The SQL Servers are as secure as anything out there, if you leave your keys laying around in your code then that security is out or should I say in through the window. It makes no sense separating the instances for the sake of security if the content of those databases is the same, it only makes sense if there is a separation of data which combined is a threat but apart is useless.
😎
January 20, 2016 at 3:49 pm
Would you mind clarifying your last sentence there? Currently, the data in both of these databases are unrelated. The data which was sequestered on an instance unavailable to the webserver, would be considered Level 3 data, and therefore a serious concern if it was inadvertently acquired.
-=Chuck
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply