Re: Security Configuration Advice



Sure that is possible.

The main strategy used is to only hire trustworthy people
for positions enabled for sensitive access.

A second approach is to audit account management actions.
This second is more for show than real. You must police the
logged information for one thing.

The bottom line however is that an admin will be able to get
access to anything given determination. An admin would not
even need to change the password on an account, as you have
suggested, in order to get a process running as that account.
It would just take a somewhat more skilled admin, and it would
not leave such a highly visible audit trail.

--
Roger Abell
Microsoft MVP (Windows Server : Security)

"DavidW" <DavidW@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:72B95442-B1F3-4D66-AD4A-BC6C691D52B0@xxxxxxxxxxxxxxxx
> Hi Roger,
>
> Would it be possible for the network admins to reset a user's password and
> then access the application as them? Is there any way of catering for this
> type of circumstance?
>
> Thanks
> David
>
> "Roger Abell [MVP]" wrote:
>
>> First, note that "network admin"s do not need to be SQL admins,
>> and in most cases should not be.
>> Without SQL "sa", then the accounts will only have access in SQL
>> as is configured within SQL for the database.
>> The application should be encrypting (with seeding) the fields in its
>> table(s) that contain sensitive information.
>> The data should be traveling with encryption as can be configured
>> in the SQL client and server networking.
>> If the application allows for configuring access control (as to what
>> accounts may use the application) then that control should be used
>> effectively. Whether the application accesses data as the user or by
>> use of an application role will control the extent of exposure posed
>> by the application itself depending on how it does or does not control
>> access. Nevertheless you could exert some (imperfect against network
>> admins) control over access to the application executable in normal
>> NTFS manner.
>>
>> "DavidW" <DavidW@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:897F8148-7379-4C81-9AED-336E32FC5B65@xxxxxxxxxxxxxxxx
>> > We have an application that stores sensitive information in a SQL Server
>> > 2000 database. Windows authentication is used for access to the application
>> > and database. We are concerned that staff with network admin rights will be
>> > able to access the application and are looking for security configurations
>> > that will prevent such access. We have also implemented AD on our servers.
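
The configuration Roger describes (network admins are not SQL admins, access is scoped per database, the application reaches the data through an application role rather than the user's own rights) can be expressed as a T-SQL script. The script below is an added example for this archive page, not code posted by anyone in the thread; the database name AppDB, the Windows group CORP\AppUsers, the role name AppRole, the table dbo.SensitiveRecords and the password placeholder are all assumptions, and the procedures used are the SQL Server 2000 era ones (sp_revokelogin, sp_grantlogin, sp_grantdbaccess, sp_addapprole, sp_setapprole).

```sql
-- Added example: least-privilege SQL Server 2000 setup so that Windows
-- (network) admins get no database rights unless separately granted.
-- All object, group and role names below are assumptions.

-- 1. SQL Server 2000 installs with BUILTIN\Administrators as a member of
--    the sysadmin role, which is exactly the access the question worries
--    about. Remove that login. Make sure a dedicated sysadmin login (for the
--    DBAs, not the network admins) already exists before running this line.
EXEC sp_revokelogin 'BUILTIN\Administrators';

-- 2. Give the application's user group a server login and access to this
--    one database only. No server role membership is granted.
EXEC sp_grantlogin 'CORP\AppUsers';
USE AppDB;
EXEC sp_grantdbaccess 'CORP\AppUsers', 'AppUsers';

-- 3. Do not give the group direct table rights. Create an application role
--    whose password only the application knows and grant the rights to it.
EXEC sp_addapprole 'AppRole', '<strong-password-placeholder>';
GRANT SELECT, INSERT, UPDATE ON dbo.SensitiveRecords TO AppRole;
-- Also make sure the public role carries no rights on the table.
REVOKE ALL ON dbo.SensitiveRecords FROM public;

-- 4. At run time the application, after connecting with Windows
--    authentication as the user, activates the role. From this point the
--    connection holds AppRole's permissions only; a user who opens Query
--    Analyzer under the same Windows account, but without the role password,
--    has no rights on dbo.SensitiveRecords.
EXEC sp_setapprole 'AppRole', '<strong-password-placeholder>';
```

Two caveats follow directly from the thread. First, this script limits what a domain admin can do through SQL Server's own permission checks; anyone who does hold sysadmin (or who can take over the SQL Server service account or the machine) still reads every table, which is why the earlier reply insists the application itself encrypt sensitive columns with a seed, SQL Server 2000 having no built-in cell-level encryption. Second, the application role password has to live somewhere the application can read it, so its storage needs the same NTFS access control the thread mentions for the executable; that control is, as Roger notes, imperfect against a determined network admin.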