Thanks for the info Richard.

You are correct, I am not the DBA, I am the lead system analyst for our division.

Perhaps the issue is the difference between static information needs which views and stored procedures handle nicely, and ad hoc needs.

Because many ERP systems come with limited or very generic queries and reports, it's been my experience that first I have to build ad hoc queries and reports to fill an immediate need, about 50% of which may get turned into static information needs.

Our IT department has set up a "reporting" server, however it's not working out very well because connections get blown away every 30 minutes when the server gets updated.

As far as security goes, I'm using strictly read only connections with no write permissions.

I am however very concerned about performance issues, as I wrote in my original post. And, I admit to having inadvertently written a "couple" of open ended queries in my past. However, those are few and far between, and quickly killed by the DBA once I realize what has happened.

Perhaps I am too "old school". I take the view that if a user has permissions to the data they should be able to access it and manipulate it with whatever tools are at their disposal that can make things happen the quickest and easiest.

Unfortunately, it appears to me that the move to SQL server and similar products has resulted in the exact opposite happening. We appear to have traded utility and functionality for security.