 |
How can I keep the 'sa' account from reading my confidential data? |
|
|
Answer: Make sure you are making a clear distinction between the sa account and the sysadmin fixed server role. By using Windows Authentication you can block 'sa' from logging in at all. To keep the local admin from getting access to the database (or server) you need to grant access to the server to another account (someone needs to be a sys admin) and put this account in the sysadmin role. Now you can safely remove the BUILTIN\Administrators login or simply remove it from the sysadmin role. Adding encryption to this mix is also a good move for a multitude of reasons (not the least of which is keeping NT admins from just copying the database files and attaching them to another server) but DO NOT "roll your own" encryption. Use the CryptoAPI/.NET Framework and do your best to hide the encryption keys from unauthorized personnel (key management is always the hard part). Rolling your own encryption is a recipe for disaster unless your last name is Rivest/Schneier etc..... ;-) |
|
Powered by
DBNest.com (Nest of DB Professionals)