SQL Server Performance

Securing a database

Discussion in 'Getting Started' started by cjp, Aug 19, 2008.

  1. cjp New Member

    Our epidemiology group is trying to develop a better security protocol for our data resources. Our statisticians can use standard encryption programs to regulate access to data but I am working with very large files (and many of them) - I am concerned that, if I use something like Truecrypt to encrypt the drive holding SQLS data, I will reduce performance since there will be constant on-the-fly decryption and encryption.
    At the moment, SQLS lets me in under my Windows scheme - if I enter the correct password when booting, everything else works properly. However, I would like a way to password each database so that it is unavailable unless the password is entered correctly. - I don't want to encrypt the data - just to secure access to the data.
    Is there a simple way to do this?

  2. AGE_mx New Member

    You can use NT authentication and roles - users in the data base to set up you security profiles.
  3. cjp New Member

    Sorry for the delay in replying - I've been away.
    Thanks for the suggestion - I will investigate this.
  4. dineshasanka Moderator

  5. cjp New Member

    Thanks for the link - I will follow this up.
  6. satya Moderator

    I wanted to know few missing pieces here such as version of SQL you are using and operating system within these application components.
    I believe this can be achieved by using available features in SQL 2005, but before giving you much of leads I wanted to make sure what version you are using.
  7. cjp New Member

    My version of SQLS is 2005 64-bit, SP2, running on (a) Windows Server 2003 64-bit, SP 2 and (b) Vista 64-bit.
    None of my databases exists on a network - all are standalone.
    All I really need to do is to make a data table unavailable to anyone save myself and my assistant.
  8. satya Moderator

    Thanks, this is clear now.
    All you need is secure the platform on windows & SQL, the way you can do it is:
    -Disable all the shares on Windows operating system.
    -Do not allow any MAP of drives on the server.
    -Disable SA account in SQL Server or rather rename it - http://blogs.msdn.com/sqltips/archive/2005/08/27/457184.aspx fyi
    -In addition to what referred above use WiNDOWS AUTHENTICATION and do not allow access to LOCAL ADMINISTRATORS group on the server.
    http://sqlserver-qa.net/blogs/perftune/archive/2008/05/23/4155.aspx fyi on Security BPA.
  9. cjp New Member

    Thanks, Satya. I will explore your advice - and will assemble the various pieces of advice in this topic into a set of recommendations for our group to discuss.

Share This Page