Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
dhw
Constraint Violating Yak Guru
332 Posts |
 Posted - 2003-01-15 : 18:17:29
|
| Hello..Is there any way to secure a sql server database so that if someone was able to physically take the hard drive (or copy the sql server database and log files) and they did not know the user name or password (for sql logins) they still could not access the database? Or....once someone has the database can they just attach or restore it to a different server and get to the data???thanks....dw |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2003-01-15 : 18:24:11
|
| Well as long as they are an administrator on the machine that they put the hard drive in, then they will be able to do anything that the sa account could do. So, make sure that you server is in a rack and that the rack is locked. |
 |
|
|
ValterBorges
Master Smack Fu Yak Hacker
1429 Posts |
Posted - 2003-01-15 : 18:50:04
|
| http://www.sqlsecurity.com/DesktopDefault.aspx?tabindex=1&tabid=2 |
|
|
|
dhw
Constraint Violating Yak Guru
332 Posts |
Posted - 2003-01-16 : 01:43:01
|
| Thanks for the info and the link. I think that we may need to encrypt the data (at least some of the sensitive bits) as well....then if someone took the database or harddrive...they would still only have encrypted data.....dhw |
|
|
|
|
|
|
Secure database ?