• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

SQL Security

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Databases

View previous topic :: View next topic  
Author Message
jhadur
Just Arrived
Just Arrived


Joined: 04 Jan 2007
Posts: 0


Offline

PostPosted: Tue Apr 10, 2007 5:49 pm    Post subject: SQL Security Reply with quote

We are looking to secure our databases internally. We are running SQL 2000 on Terminal Server 2003.

I found the following in SQL documentation and want to make sure I am understanding this correctly.

Here is the info.

With EFS, database files are encrypted under the identity of the account running SQL Server. Only this account can decrypt the files. If you need to change the account that runs SQL Server, you should first decrypt the files under the old account, then re-encrypt them under the new account.

So does this mean that if I encrypt our database files with EFS and someone makes a copy of the database files they will not be able to decrypt the files because they are not members of the account that originally encrypted the files?

If that is true then - the account we have running SQL Server is the local system. Should I change that to a specific account before I encrypt the files or is it safe from general users being run as the local system account?
Back to top
View user's profile Send private message
zeedo
SF Reviewer
SF Reviewer


Joined: 01 Sep 2004
Posts: 24
Location: Scotland

Offline

PostPosted: Mon Apr 23, 2007 4:18 pm    Post subject: Reply with quote

It should probably be running as a user other thank LS anyway.

Check out this guide for basic SQL security:
http://www.nsa.gov/snac/db/mssql_2k.pdf
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Databases All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register