RE: db_datawriter role and application sec.
Are the apps all accessed via a browser? Could you put a block on all access attempts that don't originate from the web server or IT computers?If the apps connect via ODBC and use standard SQL authentication, do the users know the password to get them through the ODBC connection?I would also take the political route […]
2005-02-02