Auditing changes...By developers

From: "Joseph" <josephsheppard@xxxxxxxxx>
Date: 19 Mar 2007 16:25:28 -0700

What is the best way to go to track changes by developers that are
privy to db usernames and passwords?

Not all application users have domain accounts, so we can't use
trusted connections. Instead, we have a single username that the
application (we only have one) uses to perform its work.

We have auditing at the internal application level...Now we need a way
to determine if any of the four developers are possibly manipulating
data.

I briefly looked at application roles, but considering that you can
run sp_setapprole from the QA, that doesn't seem worthwhile.

How is everyone else doing it? Our auditors assure us it is being
done...

Don't you love SOX?

Thanks!

Joseph

.

Follow-Ups:
- Re: Auditing changes...By developers
  - From: K . Brian Kelley
- Re: Auditing changes...By developers
  - From: Sue Hoegemeier

Prev by Date: Re: ALTER MASTER KEY REGENERATE Command
Next by Date: Re: SQL2005 Linked server authentication problem
Previous by thread: Re: ALTER MASTER KEY REGENERATE Command
Next by thread: Re: Auditing changes...By developers
Index(es):
- Date
- Thread

Relevant Pages

Re: Parent controls
... my children to run is there a way that I can stop them from running certain programs by using different usernames and passwords. ... They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. ...
(microsoft.public.windowsxp.security_admin)
Re: Are you a cyberchondriac?
... I used to keep my passwords (as Andy says, ... those who have many many usernames and passwords to remember, ... the internet is the absolute safest way to exchange ... think that an 80 year old stranger who lives 8000 miles away would be ...
(soc.senior.issues)
RE: ssh security question
... They were doing a simple dictionary attack using common usernames and it ... Your best bet is to ensure your passwords are not easy to crack, ... Information Security Specialist | CIBC Enterprise Information ... firewall - so I could access the centos server remotely. ...
(SSH)
Re: Properly configuring SMTP Service
... specifies the AUTH LOGIN details in Outlook Express? ... preventing the compromise of usernames + passwords is very ... this can cover authentication as well (even if the ...
(microsoft.public.inetserver.iis.smtp_nntp)
Re: XP Peer to Peer Network: all OK except for this ...
... make as new usernames and passwords on ... >>I have connected a laptop and deskptop via a crossover ... >>with no bother, in fact the network is no bother except ...
(microsoft.public.windowsxp.network_web)