RE: User rights and SOX
From: jaylou (jaylou_at_discussions.microsoft.com)
Date: 07/25/05
- Previous message: Awais Bin Khalid: "Re: Windows security"
- In reply to: Mike Epprecht (SQL MVP): "RE: User rights and SOX"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 25 Jul 2005 05:45:07 -0700
Thank you!
Good Idea... I didnt know if I was able to do that.
Thanks again,
joe
"Mike Epprecht (SQL MVP)" wrote:
> 1. Remove the BUILTIN\administrators group from SQL Server logins. The admins
> then don't have any access. Then add the specific user with only the
> permissions they need.
>
> 2. Don't use the SA account. Change it's password to something very
> difficult and lock it away in a safe.
>
> Regards
> --------------------------------
> Mike Epprecht, Microsoft SQL Server MVP
> Zurich, Switzerland
>
> MVP Program: http://www.microsoft.com/mvp
>
> Blog: http://www.msmvps.com/epprecht/
>
>
>
> "jaylou" wrote:
>
> > First question:
> > I have a user that is admin on the server to perform security patches and
> > general server maint. He is also a user in SQL. Since he is the Admin of
> > the box he has also inherited Admin rights to SQL. I want him to have only
> > "select,insert,update and delete" rights to all tables but no other rights in
> > SQL.
> > Is this possible?
> >
> > 2nd question:
> > Has anyone out there needed to separate SQL functions for SOX? If so can
> > you please give me some ideas of how you separated SA and DBO functions?
> > SA(insert, update, delete)
> > DBO (create tables,give user rights etc..)
> > Thanks,
> > Joe
> >
- Previous message: Awais Bin Khalid: "Re: Windows security"
- In reply to: Mike Epprecht (SQL MVP): "RE: User rights and SOX"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
