Our epidemiology group is trying to develop a better security protocol for our data resources. Our statisticians can use standard encryption programs to regulate access to data but I am working with very large files (and many of them) - I am concerned that, if I use something like Truecrypt to encrypt the drive holding SQLS data, I will reduce performance since there will be constant on-the-fly decryption and encryption. At the moment, SQLS lets me in under my Windows scheme - if I enter the correct password when booting, everything else works properly. However, I would like a way to password each database so that it is unavailable unless the password is entered correctly. - I don't want to encrypt the data - just to secure access to the data. Is there a simple way to do this? Thanks. Chris
Sorry for the delay in replying - I've been away. Thanks for the suggestion - I will investigate this. Chris
I wanted to know few missing pieces here such as version of SQL you are using and operating system within these application components. I believe this can be achieved by using available features in SQL 2005, but before giving you much of leads I wanted to make sure what version you are using.
My version of SQLS is 2005 64-bit, SP2, running on (a) Windows Server 2003 64-bit, SP 2 and (b) Vista 64-bit. None of my databases exists on a network - all are standalone. All I really need to do is to make a data table unavailable to anyone save myself and my assistant. Thanks. Chris
Thanks, this is clear now. All you need is secure the platform on windows & SQL, the way you can do it is: -Disable all the shares on Windows operating system. -Do not allow any MAP of drives on the server. -Disable SA account in SQL Server or rather rename it - http://blogs.msdn.com/sqltips/archive/2005/08/27/457184.aspx fyi -In addition to what referred above use WiNDOWS AUTHENTICATION and do not allow access to LOCAL ADMINISTRATORS group on the server. http://sqlserver-qa.net/blogs/perftune/archive/2008/05/23/4155.aspx fyi on Security BPA.
Thanks, Satya. I will explore your advice - and will assemble the various pieces of advice in this topic into a set of recommendations for our group to discuss. Chris