ODBC Security

[CMASPE]

I want to get some ffedback from you all concerning the securtiy of an ODBC conenction. I ODBC to my client's db from my webserver and was wondering how secure it is. Any thoughts or sugg????

 

[tlbroadbent]

What is the database? Is security setup properly on the database? Are you required to use a password? Did the customer provide you with a personal login and password? Terry L. Broadbent - Salt Lake City, UT
Home of the 2002 Winter Olympics (Feb 8-24)

http://www.saltlake2002.com

 

[CMASPE]

I am getting into MS SQL and Sybase SQl. Passwords and logon are of the "regular" security flavor.

 

[tlbroadbent]

In reviewing your original question, I'm not sure my questions helped me understand what you were asking?

Are you concerned about the security of the database hosted on the web or about the ODBC connectivity security. Maybe you can explain a little more about what you need to know.

Regarding SQL Server Securty:

There are a number of security issues in SQL Server that must be accounted for when making a database available over the Internet. The database administrator must implement the security measures and continually track newly discovered vulnerabilites. As long as the database administrator is doing this the data should be secure.

Unfortunately, many DBAs don't understand this. Worse yet, some companies just throw up a database without a DBA to handle administration and security. If you are concerned about database security, you should talk to people who own the database to determine if they are following good security practices.

You might want to review information at the SQL Security Website.

http://www.sqlsecurity.com/

Terry L. Broadbent - Salt Lake City, UT
Home of the 2002 Winter Olympics (Feb 8-24)

http://www.saltlake2002.com