locked
Database Security RRS feed

  • Question

  • Dear,

    We are having SQl Server 2008 R2 entr.

    We are having windows application around 500 users.

    All our 5 develpoers are having SA authentication.

    I wanted to such the sucpicious activities of these develpors.

    How I can check.

    Please give me the standard security procudre to apply and to keep checking.

    • Moved by Maggie Luo Tuesday, January 22, 2013 7:46 AM
    Tuesday, January 15, 2013 7:02 AM

Answers

All replies

  • Tuesday, January 15, 2013 9:34 AM
  • Hi,

    Read the topic  "SQL Server Security Audit Report"  it will make you update how to get information about security:

    http://www.mssqltips.com/sqlservertip/1881/sql-server-security-audit-report/


    Ahsan Kabir Please remember to click Mark as Answer and Vote as Helpful on posts that help you. This can be beneficial to other community members reading the thread. http://www.aktechforum.blogspot.com/

    • Marked as answer by Maggie Luo Tuesday, January 22, 2013 7:45 AM
    Tuesday, January 15, 2013 12:32 PM
  • A good start is to change the password of the sa account and don't tell the developers the new password. If they need to have sysadmin access, create individual logins for each of them, so that you tell who did what.

    Then again, if you don't trust them, you should not probably make them sysadmin. To wit, auditing a skilled person with sysadmin access for suspicious is about impossible, as the person has all permissions needed to turn off everything he needs. Auditing in various forms can still be meaningful since someone may do something may mistakenly do something he should not have done.

    Auditing options include the default trace (tracks table creation a few more events), SQL Server Audit (Enterprise Edition), DDL triggers, as well as application triggers to track suspect actvities in the database. It depends on what more exactly what you want to track.


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    Tuesday, January 22, 2013 10:47 PM