RE: How to protect a database from DBAs invasion ????????

RE: How to protect a database from DBAs invasion ????????

 

  

Hi Wilson,

Thanks for your reply.

Yes, my boss is not supposed to do DBA tasks.

The data we are going to write into our "Personnel
Database" is highly confidential like Salary details,
Performance Review and Etc. So no one should have
direct access on this data including me (though i am a
DBA). We want the data to be accessed only through
front-end VB application.

Our front-end application is written using Visual
Basic 6.0.

Where do I have to write coding for “Encryption”
either in “VB application” or SQL Server?

So, could you please give me some idea about "how to
encrypt the data in VB application before writing into
SQL Database"?

Will appreciate your precious help.



But Allan" <Allan.[Email Address Removed] wrote:
> I wouldn't look at denying the dba access to the
> database. Who's going to
> maintain it? Your Boss? :-)
>
> I think in situations like this, the data is stored
> in an encrypted format
> instead. The dba can still access the database and
> do his job maintaining
> it. But... Since the data is encrypted, even the
> dba cannot make heads or
> tails of what is in the tables.
>
> I'm not familiar with how to do this on SQL Server,
> I just know that it can
> be done. There is probably something on the client
> end that decrypts the
> data before being presented to the application.
>
> Allan
>
> -----Original Message-----
> From: Bajal Mohamed [mailto:[Email Address Removed] Sent: Wednesday, February 26, 2003 3:09 AM
> To: LazyDBA.com Discussion
> Subject: How to protect a database from DBAs
> invasion ????????
>
>
> Hi Pals,
>
> I have designed database for "Personnel System" and
> it
> is ready for use. Now my boss says that only one
> person should have full rights on this database. He
> don't want even myself (as I am a DBA here) to have
> access on this Database.
>
> Here we have only one server (Win 2k with SQL 2k).
>
> For this purpose, I have installed new instance and
> named it as "Personnel System", this instance's "sa"
> password is given to my boss. I mean he is the only
> one person can access this database now.
>
> But I found that, I can still attach this "Personnel
> System" database to another instance of sql server
> and
> open the database fully & modify. By doing this I
> realize that our "Personnel System" database is not
> protected well from intruders.
>
> Is there is any way to secure a database (from the
> DBA
> though it was designed by him)?.
>
> The main purpose is "my boss don't want to give me
> an
> access to this database (I am the one SQL Server DBA
> here).
>
> Advanced thanks for ur ideas & suggestions
>
>
> =====
>
> Best Regards,
> Bajal Mohamed.
>
> YOUR ATTITUDE IS YOUR ALTITUDE
>
>
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Tax Center - forms, calculators, tips, more
> http://taxes.yahoo.com/
>
>
---------------------------------------------------------------------
> TO REPLY TO EVERBODY , PLEASE CLICK REPLY-ALL, NOT
> JUST REPLY
> To unsubscribe, e-mail:
> mssqldba-[Email Address Removed] For additional commands, e-mail:
mssqldba-[Email Address Removed] Regards,
Bajal Mohamed.

YOUR ATTITUDE IS YOUR ALTITUDE




__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/
MS Sql Server LazyDBA home page