Securing SQL Server 2008 R2 on Customers Network

StackOverflow https://stackoverflow.com/questions/22505164

Question

We have a ASP.NET web application with SQL Server 2008 R2 as the backend.

Our client wants the application hosted on their servers to which they will have full administrative access.

I have 2 questions:

1 - Is there any good way of restricting their access to the back-end database.

2 - Are there any tools (free or cheap preferably) to monitor if anyone has logged into the database from outside the application ?

Many Thanks.

Regards

Was it helpful?

Solution

In answer to your first question: If they have full admin access to the server, they're going to be able to do whatever they want with the databases on it. However you can still add auditing to the server, if you can trust them not to tamper with that. I'd suggest making it a condition of the support you provide them, to not make changes to the database directly.

In answer to your second question:

SQL Server Auditing - can be used for instance and database level auditing.

For more information, this is a pretty good guide with examples of how to set it up: http://bradmcgehee.com/2010/03/30/an-introduction-to-sql-server-2008-audit/

This also gives even more information on how it works and examples: http://msdn.microsoft.com/en-us/library/dd392015%28v=sql.100%29.aspx

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top