RE: User rights and SOX
From: Mike Epprecht (SQL MVP) (mike_at_epprecht.net)
Date: 07/22/05
- Previous message: Narayana Vyas Kondreddi: "Re: Backup"
- In reply to: jaylou: "User rights and SOX"
- Next in thread: jaylou: "RE: User rights and SOX"
- Reply: jaylou: "RE: User rights and SOX"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 21 Jul 2005 23:05:02 -0700
1. Remove the BUILTIN\administrators group from SQL Server logins. The admins
then don't have any access. Then add the specific user with only the
permissions they need.
2. Don't use the SA account. Change it's password to something very
difficult and lock it away in a safe.
Regards
--------------------------------
Mike Epprecht, Microsoft SQL Server MVP
Zurich, Switzerland
MVP Program: http://www.microsoft.com/mvp
Blog: http://www.msmvps.com/epprecht/
"jaylou" wrote:
> First question:
> I have a user that is admin on the server to perform security patches and
> general server maint. He is also a user in SQL. Since he is the Admin of
> the box he has also inherited Admin rights to SQL. I want him to have only
> "select,insert,update and delete" rights to all tables but no other rights in
> SQL.
> Is this possible?
>
> 2nd question:
> Has anyone out there needed to separate SQL functions for SOX? If so can
> you please give me some ideas of how you separated SA and DBO functions?
> SA(insert, update, delete)
> DBO (create tables,give user rights etc..)
> Thanks,
> Joe
>
- Previous message: Narayana Vyas Kondreddi: "Re: Backup"
- In reply to: jaylou: "User rights and SOX"
- Next in thread: jaylou: "RE: User rights and SOX"
- Reply: jaylou: "RE: User rights and SOX"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
