October 7, 2010 at 9:44 am
Hi Everyone
We are about to provide a software as a Service solution to our customers. At present we have a single virtualised server within a data centre, we plan to use this server to host separate SQL 2008 instances for each customer.
Each customer will be granted a single SQL Server login on their instance which our desktop application will use.
We are comfortable with our backup strategy, but wondered if there is anything we are missing with regards to securing the customer databases and wondered if anyone had any experiences of managing a shared server.
Many thanks for any advice or help
Regards
David
October 7, 2010 at 10:09 am
Do each of these customers have physical access to their database files?What kind of user rights do each of these customers have on their database?
If you give physical access to the Hosting server, then you will need to secure the DB files.
-Roy
October 7, 2010 at 10:12 am
Hi Roy, thanks for your reply.
We do not intend to give any physical access to the Database files to our customers. The Application we will be hosting for them will be on another set of Virtualised servers.
Best regards
David
October 7, 2010 at 10:26 am
That would probably mean that you are securing on two levels. One is based on NT security and the second level of security is separate DB instances. I do not see anything more that needs to be done. But there are couple of security experts in this forum. They might be able to give more insight to your scenario.
Just make sure that you manage your memory, CPU and IO on the Virtual server for these separate instances.
-Roy
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply