Re: Protecting database from administrators
From: J André Labuschagné (technical_at_eduadmin.com)
Date: 04/28/04
- Next message: Phil Smith: "A TOUGH ONE - audit Login, Audit Logout connection"
- Previous message: J André Labuschagné: "Re: Protecting database from administrators"
- In reply to: Neil Pike: "Re: Protecting database from administrators"
- Next in thread: Neil Pike: "Re: Protecting database from administrators"
- Reply: Neil Pike: "Re: Protecting database from administrators"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 28 Apr 2004 12:42:46 +0200
Hi Neil
We are in a market where there very often is no DBA and the data has to be
secure. It is absolutely critical that the DB is secure at rest and in
transit (whether stolen or backed up). That is our dilemna. You are quite
right. Mission critical does not always necessitate security. It was wrong
of me to suggest that. This data just happens to be mission critical and
needs to be secure at the same time. Some of our clients, while storing
highly sensitive data, do not have the physical security systems that are
typical in banking environments. Having a DB that secures all objects in
the database while at rest and in transit will serve us best. I understand
where MSSQL is coming from and have no problem with that. For the moment we
need to look elsewhere. If we find something that suits us we will most
certainly share it. I am sure that this thread will not be the last one to
bring up this matter as it is an obvious problem to many. A cursory review
of this forum will confirm that it has come up a number of times. Thanks
for the input. This is really a helpful forum.
Cheers
"Neil Pike" <neilpike@compuserve.com> wrote in message
news:VA.000061e8.01dc32da@compuserve.com...
> Andre,
>
> > There are many DBMS that run on both MS and Linux servers and provide
the
> > security we require. Just do a bit of research of your own. This is
not
> > the forum to throw around the names of competitor products.
>
> <panto mode on>
> Oh yes it is
> <panto mode off>
> Throw around.
>
> > We are aware of some companies that have attempted to use MSSQL in
mission
> > critical situations. We are also aware of many that have dumped MSSQL
> > precisely because of its weak security.
>
> Why do you seem to perceive such a link between mission critical and
security?
> Whilst there is obviously often a bit of a relationship, there often
isn't.
> An internal personnel system is not mission critical, but the data is
highly
> sensitive and the data/system requires a high level of security.
Alternately a
> stock-control system could well be mission critical, but the data would
not be
> deemed to need a high level of security in most organisations.
>
> Forgetting SQL Server for a moment, I think you'd agree that the core
> financial systems of banks are mission critical and require security? How
come
> I've never seen a banking dbms that implements full file-level
> encryption/security then? These are typically DB/2 systems on IBM
mainframes.
> But the data is "in-clear" on the disks. However, no-one is getting
anywhere
> near that data as it's stored in a datacentre, producted by security
guards,
> cameras, motion sensors, hand-print entry, one-person-at-a-time airlocks
etc.
> etc. Access at all levels to the o/s and dbms is logged and auditted.
>
> If that bank instead uses SQL Server for it's core systems, and there are
some
> that use SQL Server for at least some of their core systems these days,
and
> they have the above levels of physical security, why would they need file
level
> encryption?
>
> > Do not get me wrong. There is a
> > place for an open system such as MSSQL. It is not everyone who wants
the
> > security that we require. Briefly, our requirements, inter alia, are:
> >
> > 1. Zero or near zero administration
> > 2. One physical file for the database
> > 3. Simple recovery procedures
> > 4. Physical file protection while at rest and in transit
> > 5. Acceptable performance
> > 6. Scaleability
> > 7. Small footprint
>
> > While MSSQL meets some of these requirements it fails on others. If
these
> > are not your requirements then use the product. One user with 50,000
> > connections to a DB provided by a competing vendor when approached said
that
> > the security we require was provided for and there typically was no need
for
> > a DBA except perhaps as a liason between the developers of the app and
his
> > company. On account of the stability and resilience of the DB the
> > traditional DBA role is covered in other ways. They have been said DB
for
> > around ten years. Of course you are not going to believe this. Just go
and
> > do a bit of research. There are many alternatives out there. We have
found
> > other possibilities. You can too. This is not to say that MSSQL does
not
> > suit some folk. Just be honest about what it can and cannot do. That
way
> > you will not get your fingers burnt and everyone will be happy. When
and if
> > MSSQL security is improved we may visit it again if it proves to be the
best
> > option for our clients. At the moment it is not.
>
> I would very interested in what sort of product you are offering to what
sort
> of clients.
>
> Neil Pike MVP/MCSE. Protech Computing Ltd
> Reply here - no email
> SQL FAQ (484 entries) see
> http://forumsb.compuserve.com/gvforums/UK/default.asp?SRV=MSDevApps
> (faqxxx.zip in lib 7)
> or www.ntfaq.com/Articles/Index.cfm?DepartmentID=800
> or www.sqlserverfaq.com
> or www.mssqlserver.com/faq
>
- Next message: Phil Smith: "A TOUGH ONE - audit Login, Audit Logout connection"
- Previous message: J André Labuschagné: "Re: Protecting database from administrators"
- In reply to: Neil Pike: "Re: Protecting database from administrators"
- Next in thread: Neil Pike: "Re: Protecting database from administrators"
- Reply: Neil Pike: "Re: Protecting database from administrators"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
