http://www.sqlservercentral.com/blogs/steve_jones/2009/12/17/securing-log-shipping/


Securing Log Shipping

By Steve Jones, 2009/12/17

There was a post recently where someone was asking about securing log shipping to comply with HIPAA requirements. It struck me at first that really log shipping isn’t a SQL Server operation, it’s a Windows operation. The ongoing process of log shipping is:

These steps break down in terms of security and possible issues in this way:

  • Perform a SQL Server log backup (SQL Server process, secure)
  • File sits on the local Windows file system for some xxx time (Windows security needed)
  • Copy the log file to the remote server (Standard SMB copy, Windows security needed)
  • The file sits on the remote Windows file system for some yyy time (Windows security needed)
  • Restore the log backup to the SQL Server instance (SQL Server process, secure)

The only real places to provide security are from Windows, where you need to do the following:

This means to me that this is primarily a Windows issue, and that the DBA needs to work with the Windows admin to implement an IPSec policy or set up a secure tunnel. Here’s one link I found, but not being a strong Windows admin, I’m not sure if it’s the best one. The idea would be that you would want to secure the network traffic to prevent a third party from copying the log backup somehow.

Is it a big deal? I’m not sure about that. I think this is an item that auditors might be concerned about more than it is a security risk. After all, even if a hacker acquired an old full backup and a log backup, they wouldn’t necessarily be able to restore the log backup since the LSNs would be out of order. And while a log backup might contain sensitive information, an attacker couldn’t guarantee that any particular log backup would have sensitive information. Only if that information were edited would it be included in a log backup.

The big security downside is that whatever channel or method you use here would likely be the same one used for initializing things, and that would include a full backup somewhere. So it’s a good idea to provide tight security, and not just set up shares that Everyone can access.
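
One way to check for "shares that Everyone can access" on the primary or secondary server, as an added example that is not from the original post. The share name and folder path are hypothetical placeholders, and `Get-SmbShareAccess` assumes Windows Server 2012 or later.

```powershell
# Added example: audit a log shipping share and its folder for overly broad access.
# $ShareName and $FolderPath are hypothetical placeholders; substitute your own values.
param(
    [string]$ShareName  = 'LogShip',      # hypothetical share holding the log backups
    [string]$FolderPath = 'D:\LogShip'    # hypothetical local folder behind that share
)

# Well-known SIDs for broad principals (independent of OS display language).
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-7'      = 'Anonymous Logon'
}

function Resolve-Sid([string]$Account) {
    # Translate an account name to its SID; return $null if it cannot be resolved.
    try {
        ([System.Security.Principal.NTAccount]$Account).Translate(
            [System.Security.Principal.SecurityIdentifier]).Value
    } catch { $null }
}

$findings = @()

# Share-level permissions: what SMB clients are granted when they connect.
foreach ($ace in Get-SmbShareAccess -Name $ShareName) {
    $sid = Resolve-Sid $ace.AccountName
    if ($sid -and $ace.AccessControlType -eq 'Allow' -and $broadSids.ContainsKey($sid)) {
        $findings += [pscustomobject]@{
            Layer = 'Share'; Principal = $ace.AccountName; Rights = $ace.AccessRight }
    }
}

# NTFS permissions on the folder where the backup files sit between copy and restore.
foreach ($ace in (Get-Acl -Path $FolderPath).Access) {
    $sid = Resolve-Sid $ace.IdentityReference.Value
    if ($sid -and $ace.AccessControlType -eq 'Allow' -and $broadSids.ContainsKey($sid)) {
        $findings += [pscustomobject]@{
            Layer = 'NTFS'; Principal = $ace.IdentityReference.Value; Rights = $ace.FileSystemRights }
    }
}

if ($findings) { $findings | Format-Table -AutoSize }
else { "No broad principals have Allow access on $ShareName / $FolderPath" }
```

Any row in the output is a grant to tighten so that only the accounts running the backup, copy and restore jobs can reach the files.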

