We are going to be migrating our web application to an
external hosting partner. All access to our SQL server
will be done remotely. I am trying to find information
pertaining to the security concerns and how to address them
when accessing SQL 7 data via the web from a remote
location. Specifically, what set up will we need, what are
our options (mixed mode/authentication), questions to ask
and things to look at for making secure connections.
Everything I find is on SQL 2000. Where can I go on line
to find information on SQL 7.
Try the following link:
K. Brian Kelley
K. Brian Kelley
Are you co-locating your own server with sql installed, or is the hosting company providing you with sql server access? If the sql server access is provided by the hosting company your options will be limited by the hosting company. Either way you will most likely be using SQL Server Authentication. I have used both SQL 7 and 2000 remotely via the web and security concerns are pretty much the same. Are your concerns with managing sql server from query Analyzer, Enterprise manager (how many people will be managing it) or querying from ASP pages in a web site (are your queries being executed from ASP pages or in a middle tier component)? Or maybe all of the above. How secure do you need to be? Are you worried about someone getting your login/passwords and breaking in to your sql server or are you worried about someone seeing data that is being queried? Keep in mind that because you are going over the internet the packets are out there for anyone to capture (sql logins are sent in plain text and the passwords are encrypted)(there is an option in Client Network Utility to force protocol encryption but Im not exactly sure all that is involved in setting it up) unless of course you are using some kind of secure connection such as a vpn. You have many options depending on what you are doing.
Viewing 3 posts - 1 through 2 (of 2 total)