Wayne West (5/25/2015)

---

Ross McMicken (5/25/2015)

---

GPO (5/23/2015)

---

Of course all of this assumes your DBA or sysadmin is beyond reproach. I worked as a bank clerk many years before I'd ever heard of SQL Server. In their training, policy and procedures they emphasised that an unhealthy number of bank frauds were perpetrated by insiders. A security measure they had in place to counter this was the concept of two signatures... And there were rules about which two and when. I've never seen the equivalent of this implemented in SQL Server. Ultimately trust always seems be vested in people who can act alone. If I wanted to set up my SQL Server environment so that certain tasks could only be performed by two people, and that their activities could always be traced, could I do it? How would I go about it?

I have seen systems where certain tasks require two people sitting side by side. They use a special ID that is checked out from an application that generates a new split password at the time the ID is required for use, and the password expires in 24 hours or less. There is usually a group of 3 or more people with the ability to check out the passwords, so it's not an issue if someone is on vacation.

I like that. And naturally the act of checking out a password would be heavily logged and audited. I have no idea how I'd try to implement something like that in SQL Server, probably a PowerShell or CLR app I suppose.