Re: High security Needs, Cheep Clients, Need Help
- From: "Michael Hotek" <mhotek@xxxxxxxxxxxxxxx>
- Date: Sat, 3 Jun 2006 22:55:04 -0500
You have to make sure that you are using different service accounts for each
instance, otherwise someone gaining elevated rights within one instance will
be able to get to the other instance. Additionally, you should not allow
any SQL logins to either instance. The web server should be configured to
connect to the instances using Windows credentials which forces anyone who
cannot authenticate in Windows to not have access to either database
instance. The IIS server needs to be locked down to ensure that you don't
have any security holes. The service accounts for each instance should be
regular Windows accounts and NOT a member of local administrators or even
worse domain/enterprise administrators.

After accomplishing that, you pretty much have the front door closed. Now
you have to worry about all of the back end stuff. How are you going to
handle backups of the databases such that the data in your secure instance
remains secure even through the backup files? How are you going to control
administrator and developer access within your company to the secured
instance? How are you going to audit the operations within the secure
instance such that your customer on this secure instance can't create a
situation where they actually damaged data or caused the security to be
compromised, but are pointing the finger at you?
--
Mike
MHS Enterprises, Inc
Disclaimer: This communication is an original work and represents my sole
views on the subject. It does not represent the views of any other person
or entity either by inference or direct reference.
"Phil" <prounds@xxxxxxxxxxxxxxxxxx> wrote in message
news:eFeo0WchGHA.4080@xxxxxxxxxxxxxxxxxxxxxxx
I have an existing server hosting several sites with associated back end
databases.
I have a new client who needs secure hosting solutions, including a secure
database, without the expense of a new server. I was thinking of the
following architecture. I know some (most) of this is not SQL related,
but bear with me please.
I am hosting web services on the server to provide the interface with the
external world. End-Use clients will have applications with certificates
to access these web services. I have two instances of SQL Server 2005
running, MYSERVER\PUBLIC & MYSERVER\PRIVATE.
MYSERVER\PUBLIC contains all my existing, non-secure, databases plus some
info relevant to the new service which need not be secure.
MYSERVER\PRIVATE will contain all the new, to be secured, data.
MYSERVER\PRIVATE listens only on TCPIP Address 127.0.0.1, so should be
available only as 'localhost' from within the server, i.e. not be public
to the outside world. My web services should be able to access this data,
and the web services will only be accessible to these signed applications.
Of course, any relevant info would be encrypted.
Is this sufficient?
Any input would be appreciated
Thanks
Phil
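
The following T-SQL is an added example, not part of either message in this thread. It uses SQL Server 2005 catalog views and DMVs to check, on each instance, the points raised in the reply (Windows-only authentication, no usable SQL logins, who holds sysadmin) and the loopback-only listener described in the original question. The service account itself is checked outside T-SQL, in the Windows service configuration.

```sql
-- Run on each instance (MYSERVER\PUBLIC and MYSERVER\PRIVATE) as a sysadmin.

-- 1. Authentication mode.
--    1 = Windows Authentication only, 0 = mixed mode (SQL logins accepted).
SELECT SERVERPROPERTY('InstanceName')             AS instance_name,
       SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 2. SQL logins that exist and are enabled.
--    With Windows-only authentication these cannot connect, but any row
--    here becomes usable the moment someone switches to mixed mode.
--    'sa' always exists; it should be disabled or carry a strong password.
SELECT name, is_disabled, create_date, modify_date
FROM sys.sql_logins
WHERE is_disabled = 0
ORDER BY name;

-- 3. Members of the sysadmin fixed server role.
--    On SQL Server 2005, BUILTIN\Administrators is a member by default,
--    so every local Windows administrator is a sysadmin on the instance
--    until that login is removed.
SELECT m.name AS member_name,
       m.type_desc,
       m.is_disabled
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS m ON m.principal_id = rm.member_principal_id
WHERE r.name = 'sysadmin'
ORDER BY m.name;

-- 4. Local addresses that current TCP sessions arrived on.
--    On MYSERVER\PRIVATE every row should show 127.0.0.1. This lists
--    only sessions connected right now; the listener configuration
--    itself lives in SQL Server Configuration Manager.
SELECT DISTINCT local_net_address, local_tcp_port
FROM sys.dm_exec_connections
WHERE net_transport = 'TCP';

-- 5. How each current session authenticated.
--    auth_scheme = 'SQL' means a SQL login is in use on this instance.
SELECT c.session_id, c.auth_scheme, s.login_name, s.host_name
FROM sys.dm_exec_connections AS c
JOIN sys.dm_exec_sessions    AS s ON s.session_id = c.session_id
ORDER BY c.auth_scheme, s.login_name;
```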