• Considering it requires local administrator permissions, I wouldn't really call it a back door. Someone with local admin could just as easily stop SQL and copy off the data and log files, copy off the backups, install a kernel-level app that reads memory directly, install a network sniffer or any other manner of nasty tools.

    If someone has administrative permission (or the ability to gain administrative permissions) and wants to steal data/be malicious, there's very few ways to stop them. It's why the principle of least permissions is such a good idea. There should be very few people who have administrative rights to the server, and the DBA is not necessarily one of them.

    Gail Shaw
    Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
    SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

    We walk in the dark places no others will enter
    We stand on the bridge and no one may pass