Third party access to SQL

From: Simon <Simon@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 24 Apr 2008 03:10:01 -0700

We have a hosted SQL server with various internal applications on it. It has
been decided by on high that the same server will also have a database from a
third party on the server. The third party have asked for full system admin
rights on the SQL server.

Obviously I am not going to grant that access level as it gives them full
control on the box. From my viewpoint read and write access to the data can
be tolerated but anything else will be denied. Would you consider this
standard and is there any documentation with recommendations for control of
external suppliers ?

I am sure that they shouldn`t be doing any work on tables structure, sp`s
etc on a live database. That work should be tested, scripted etc and then run
on in a controlled environment by my company.

Anyone have any advice ?

Thanks

SI
.

Follow-Ups:
- Re: Third party access to SQL
  - From: Dan Guzman

Prev by Date: Re: permissions to some master SP's
Next by Date: Re: Third party access to SQL
Previous by thread: SQL Performance with Trace files
Next by thread: Re: Third party access to SQL
Index(es):
- Date
- Thread

Relevant Pages

Store program EXE in table?
... I have remote control software ... my application uses as its data storage system MSDE 2000 (with ... since I already have SQL Server running on the network I'd like ... Is there some way that I can either a) store my program files (one EXE ...
(comp.databases.ms-sqlserver)
Re: SQL Server 2000 speed problems
... >> CREATE TABLE Control ... >> This is done by inserting a new row with the current time into the ... >> written to the database, and the writing needs to be fast, in the region ... >> similar that can be changed on SQL Server that could help solving this ...
(microsoft.public.sqlserver.programming)
Re: :: Control user access
... IMO it totally depends on the nature of the application. ... As you indicate SQL Server involvement, ... Microsoft MVP (Windows Security) ... > way to control user access in my application. ...
(microsoft.public.security)
Re: using lookup and display only field as control field
... The control table would have only one row. ... assosciation between the two tables if the key field was null in both ... Of course, the syntax above is specific to SQL Server, but it's the ... Books Online for SQL Server 2005 at ...
(comp.databases.ms-sqlserver)
Re: DBA Access to SQL Server
... > look at the qualifications or trust of your sql dba ... > rather than his/her permissions. ... > 99.9% of the time i hear this question it's a control ... if your support model includes the DBA folks doing the SQL Server ...
(microsoft.public.sqlserver.security)