Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
barnabeck
Posting Yak Master
236 Posts |
 Posted - 2013-11-04 : 16:10:40
|
| Hi,our server environment will soon be hosted by our mother company and we are planning the migration. Looking at the way we are querying the database of the ERP they pretty much disagreed about us using "linked servers". We actually did that in order to keep the ERP data safe and the SQL user account that is tied to that linkage has only write permissions.Nevertheless they are concerned and I need good arguments to convince them; we are running server sided web-applications that access the databases and I guess there is some panic on the possibility of SQL injection. We are right now on the Internet with our Sharepoint Intranet too, but this will be turned down leaving access only via VPN.Are there any hints or comments on roles, permissions, schemes etc and how to grant highest security?Regards,Martin |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2013-11-04 : 16:26:19
|
| How does using a linked server keep the data safe? I don't see a reason to use linked servers for what you have described.Tara KizerSQL Server MVP since 2007http://weblogs.sqlteam.com/tarad/ |
 |
|
|
barnabeck
Posting Yak Master
236 Posts |
Posted - 2013-11-04 : 16:46:21
|
| It was not really a measure to keep the data safe. That was just a way to structure and divide services, and it grew historically. So the question is: is there any difference between using the linked server, bound to a restricted account and using that same account directly to access the database? |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2013-11-04 : 16:50:26
|
| The only difference would be performance. The linked server query would generally be slower than the direct access query.Tara KizerSQL Server MVP since 2007http://weblogs.sqlteam.com/tarad/ |
|
|
|
|
|
|
linked Server - security issue?