Prevent Administrator from using database

[northrd]

My instance of mssql 2005 has no Administrator rights, ergo I have effectively "forced" a logon with user name and password. Well ... thats great for MY instance but there is nothing stopping an unscrupulous user from stopping my instance, copying the database, attaching it to an Administrator rights instance and viewing the tables.

So ... How do I stop this from happening??

Cheers

 

[DatabasePrincess]

One option could be to encrypt the actual data files using something like Windows File Encryption System. Another option would be to secure the server or computer the files are on to prevent someone from getting to the files in the first place.

 

[Mich]

As a DBA, it sounds like you might be the unscrupulous user, but I'll give you the benefit of the doubt.

What do you mean you "forced" a login? I need this to understand the security in your instance/db.

-If it ain't broke, break it and make it better.

 

[SQLWilts]

I agree with DatabasePrincess in that you should secure the server.
Make sure only a very few people have the authority to log on, and of those only a few have the authority to stop the services.
Also, remove the windows administrator login from the security node.
Restrict membership of the backup users group,
create a new sa level login and disable the standard one....
there are a miriad of things that you can do, but look into database encryption in BOL - that may be the way you need to go.

 

[northrd]

OK
Back from a forced break. Staff probs.
Thanks for your replies. Here's the problem. Microsoft, in all its wisdom, allows PCs on XP to be setup with users having administrator rights. In some businesses (possibly many?) networks are just slapped together with a "nest" of these administrators on the same domain.
This raises 2 problems:
1. They have uber-access
2. No file is safe from them.
It is onto this environment that I need to install a "secure" database. Foolish, I know, but as nothing on their environment will change, I have to make the most of the situation.
Its not enough to secure the "sa" with a 40 character password: they can stop the sql service and attach to another with windows authentication. Other than encryption and checksums on the records is there any other way that I can, at least, make the data change-proof?

Cheers

 

[SQLWilts]

Are you saying that the world and his wife/her husband (depending on your persuasion...) are set up as domain administrators?
How much "remote access" does the database need? You could put it on a server that is in a workgroup, or better - not on the network at all.
Other than that, I'm afraid that you are looking at encryption

 

[northrd]

Yeah, its sad but poorly implemented networks are a nightmare. In fact network is a poor description for the nightmares that I am encountering.
Encryption, here I come.

Cheers

 

[SQLWilts]

Is is possible to specifically deny domain admins from accessing that folder? Only grant access to the SQL service account. I am sure that one place I was contracting did just that.
That way you can give access only to SQL logins...
Just a thought...