Is there a way I can monitor who is using EM to open tables?
Suppose I have a database with a table(s) where I keep the answers to questi
ons on a test, or answers to a game a company is running on an intranet, how
do I know if people with sa permissions are going in via the back door to l
ook/retrieve answers?
Thanx!You could use the Profiler on the database and monitor queries, spid's etc.
This can all
be logged to a table.
"JLS" <jlshoop@.hotmail.com> wrote in message news:eiWh$z1wEHA.1300@.TK2MSFTNG
P14.phx.gbl...
Is there a way I can monitor who is using EM to open tables?
Suppose I have a database with a table(s) where I keep the answers to questi
ons on a test, or answers to a game a company is running on an intranet, how
do I know if people with sa permissions are going in via the back door to l
ook/retrieve answers?
Thanx!|||I also forgot to add... the sa password should really be kept under wraps a
nd in
the hands of people on a need to know basis.
"Armando Prato" <aprato@.REMOVEMEkronos.com> wrote in message news:eUYK$V2wEH
A.1524@.TK2MSFTNGP09.phx.gbl...
You could use the Profiler on the database and monitor queries, spid's etc.
This can all
be logged to a table.
"JLS" <jlshoop@.hotmail.com> wrote in message news:eiWh$z1wEHA.1300@.TK2MSFTNG
P14.phx.gbl...
Is there a way I can monitor who is using EM to open tables?
Suppose I have a database with a table(s) where I keep the answers to questi
ons on a test, or answers to a game a company is running on an intranet, how
do I know if people with sa permissions are going in via the back door to l
ook/retrieve answers?
Thanx!|||The best solution would be to put that database on a secured installation
where you controlled who had sa access.
The problem with any sort of auditing solution is that the people you are
auditing are GOD within the system, which means they have the power to
subvert your tracking.
Sincerely,
Anthony Thomas
"Armando Prato" wrote:
> You could use the Profiler on the database and monitor queries, spid's etc
. This can all
> be logged to a table.
>
> "JLS" <jlshoop@.hotmail.com> wrote in message news:eiWh$z1wEHA.1300@.TK2MSFT
NGP14.phx.gbl...
> Is there a way I can monitor who is using EM to open tables?
> Suppose I have a database with a table(s) where I keep the answers to qu
estions on a test, or answers to a game a company is running on an intranet,
how do I know if people with sa permissions are going in via the back door
to look/retrieve answers?
> Thanx!|||Exactly!!! These are my peers, network guys in my department. But I want
the game to be fair, if they can just go into the tables via the back door
then that's really not fair to the rest of the people playing.
To address the comment about the sa password only being given on a need to
know, it is.
"AnthonyThomas" <AnthonyThomas@.discussions.microsoft.com> wrote in message
news:006309CB-AB18-4C59-8B35-75903AA6ECC2@.microsoft.com...[vbcol=seagreen]
> The best solution would be to put that database on a secured installation
> where you controlled who had sa access.
> The problem with any sort of auditing solution is that the people you are
> auditing are GOD within the system, which means they have the power to
> subvert your tracking.
> Sincerely,
>
> Anthony Thomas
>
> "Armando Prato" wrote:
>
etc. This can all[vbcol=seagreen]
news:eiWh$z1wEHA.1300@.TK2MSFTNGP14.phx.gbl...[vbcol=seagreen]
questions on a test, or answers to a game a company is running on an
intranet, how do I know if people with sa permissions are going in via the
back door to look/retrieve answers?[vbcol=seagreen]|||You could always change the 'sa' password yourself prior to the
game commencing. I am assuming that this isn't a production
server. At least I hope it's not ;)
"JLS" <jlshoop@.hotmail.com> wrote in message
news:uPoodP3wEHA.3612@.tk2msftngp13.phx.gbl...
> Exactly!!! These are my peers, network guys in my department. But I want
> the game to be fair, if they can just go into the tables via the back door
> then that's really not fair to the rest of the people playing.
> To address the comment about the sa password only being given on a need to
> know, it is.
>
> "AnthonyThomas" <AnthonyThomas@.discussions.microsoft.com> wrote in message
> news:006309CB-AB18-4C59-8B35-75903AA6ECC2@.microsoft.com...
installation[vbcol=seagreen]
are[vbcol=seagreen]
> etc. This can all
> news:eiWh$z1wEHA.1300@.TK2MSFTNGP14.phx.gbl...
to[vbcol=seagreen]
> questions on a test, or answers to a game a company is running on an
> intranet, how do I know if people with sa permissions are going in via the
> back door to look/retrieve answers?
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment