In my SSWUG newsletter this morning there was a short article on database shoplifting. It wasn't really an article as much as a musing. Anyway, Stephen goes to talk about how most data theft comes from within the company by trusted employees who turn around and use it against the company in some way. I can't really understand why they would do something like that. It's not like the companies treat them like crim In my SSWUG newsletter this morning there was a short article on database shoplifting. It wasn’t really an article as much as a musing. Anyway, Stephen goes to talk about how most data theft comes from within the company by trusted employees who turn around and use it against the company in some way. I can’t really understand why they would do something like that. It’s not like the companies treat them like criminals or anything when they turn in their notice. Oh, wait… strike that.So what can you do to prevent your database from being stolen? Well, I talk to a lot of vendors… and I mean a lot. And it seems like none of them are even mildly concerned with this aspect of IT. Even the security focused companies I talk to aren’t concerned with people stealing data or databases. Sure, they’re concerned with it in theory, but nobody’s really working on the problem. How do you keep someone from stealing your backups? You can password protect them, but what if the DBA who knows the password is the one stealing it? What about just being able to steal the data files? What’s to keep a DBA or NT admin from stopping the service and taking the data files to restore on their home system? It’s nice that so many vendors have figured out how to audit DBs, but the damage could already be done if you’re not careful. Microsoft needs to give us a way that we can make sure our data files can’t be restored on unauthorized machines. Hell, for that matter, so do Oracle, IBM, and the rest of them.I believe Imperva does some good work in this area. They allow you to define an Imperva admin and he supercedes the NT admin so nobody can shutdown services w/o the Imperva admin giving them rights. And they can keep even domain admins from being able to copy or move files they’re not supposed to.The database field is still fairly young in terms of other fields. So we’re still figuring out where all the gotchas are and it’s going to take some time to get everything worked out. The problem is that enough people have to have these theft problems before the vendors will start doing something about it. Watch my free SQL Server Tutorials at: https://MidnightDBA.ITBookworm.com Read my book reviews at: www.ITBookworm.com Blog Author of: DBA Rant – https://dbarant.blogspot.com Databases