How to protect a database from the Server Administrator in Sql Server


We have a requirement from a client to protect the database our application uses, even from their local administrators (Auditors just gave them that requirement).

In their requirement, protecting the data means that the Sql Server admin cannot read, nor modify sensitive data stored in tables.

We could do that with Encryption in Sql Server 2005, but that would interfere with our third party ORM, and it has other cons, like indexing, etc.

In Sql Server 2008 we could use TDE, but I understand that this solution doesn't protect against a user with Sql Server admin rights to query the database.

Is there any best practice or known solution to this problem?

This problem could be similar to the one of having an application hosted by a host provider, and you want to protect the data from the host admins.

We can use Sql Server 2005 or 2008.

avatar image By kosmik5 1 asked Dec 06, 2017 at 07:28 AM
more ▼
(comments are locked)
10|10000 characters needed characters left

0 answers: sort voted first
Be the first one to answer this question
toggle preview:

Up to 50 attachments (including images) can be used with a maximum of 209.7 MB each and 209.7 MB total.

Follow this question



asked: Dec 06, 2017 at 07:28 AM

Seen: 30 times

Last Updated: Dec 06, 2017 at 07:28 AM