Re: ms sql server 2000 security too weak ?
From: Egbert Nierop \(MVP for IIS\) (egbert_nierop_at_nospam.invalid)
Date: Mon, 12 Apr 2004 07:51:08 +0200
"RW" <firstname.lastname@example.org> wrote in message
> It seems the authority for DBA is too much to control the safety of .mdf
> , why not add an additional password or key to protect it, if someone
> copy the .mdf files and install to a new sql server service, they can
> read everything using sa facility, is it worse than ms.access ?
> at least ms.access still need some extra job to crack it, but the .mdf
> is too simple, just copy and read it.
> Especially the MSDE version in one single computer, even the hardware
> technician can duplicate and sell your important data.
> Anyone have solution for this security problem ?
You have a choice. Have MSDE run, on a reserved account
- NTFS security
- Data Encryption
- Also, you can store data on a raw partition, that cannot be copied so
b.t.w. there is nearly no protection against harddisk access by a
technician. You can't blame MS for that. But data encryption by the
application that uses MSDE is a solution...