Our epidemiology group is trying to develop a better security protocol for our data resources. Our statisticians can use standard encryption programs to regulate access to data but I am working with very large files (and many of them) - I am concerned that, if I use something like Truecrypt to encrypt the drive holding SQLS data, I will reduce performance since there will be constant on-the-fly decryption and encryption.

At the moment, SQLS lets me in under my Windows scheme - if I enter the correct password when booting, everything else works properly. However, I would like a way to password each database so that it is unavailable unless the password is entered correctly. - I don't want to encrypt the data - just to secure access to the data.

Is there a simple way to do this?

Thanks.

Chris

You can use NT authentication and roles - users in the data base to set up you security profiles.

Sorry for the delay in replying - I've been away.

Thanks for the suggestion - I will investigate this.

 Chris

I wanted to know few missing pieces here such as version of SQL you are using and operating system within these application components.

I believe this can be achieved by using available features in SQL 2005, but before giving you much of leads I wanted to make sure what version you are using.

 Thanks for the link - I will follow this up.

 Chris

My version of SQLS is 2005 64-bit, SP2, running on (a) Windows Server 2003 64-bit, SP 2 and (b) Vista 64-bit.

None of my databases exists on a network - all are standalone.

All I really need to do is to make a data table unavailable to anyone save myself and my assistant.

Thanks.

Chris

Thanks, this is clear now.

All you need is secure the platform on windows & SQL, the way you can do it is:

-Disable all the shares on Windows operating system.

-Do not allow any MAP of drives on the server.

-Disable SA account in SQL Server or rather rename it - http://blogs.msdn.com/sqltips/archive/2005/08/27/457184.aspx fyi

-In addition to what referred above use WiNDOWS AUTHENTICATION and do not allow access to LOCAL ADMINISTRATORS group on the server.

http://sqlserver-qa.net/blogs/perftune/archive/2008/05/23/4155.aspx fyi on Security BPA.

Thanks, Satya. I will explore your advice - and will assemble the various pieces of advice in this topic into a set of recommendations for our group to discuss.

Chris