Hiding Data

"elmo" <el**@delphisure.com> wrote in message
news:hv********************@is.co.za...

Hi,

I am intetrested to know if there is a way to hide the information in a
specific column in my table. SQLServer 200. Something like a password
protection were you only see *****. I have a DBA but want to hide salary
information from him that is stored in the database.

Any suggestions
Thanks
Elmo

This isn't possible - a member of the sysadmin role can access all data in
all databases. You can encrypt/decrypt the sensitive information in your
client application using whatever encryption API is available, then just
store the encrypted value in the database table:

http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=22

Simon

I have exactly the same issue.
Our security person wants an audit on all 'select' on 4 tables
containing sensitive data.

Any idea how we can manage to do this???

"Praim Sankar" <pr**************@cogeco.com> wrote in message
news:32**************************@posting.google.c om...

I have exactly the same issue.
Our security person wants an audit on all 'select' on 4 tables
containing sensitive data.

Any idea how we can manage to do this???

One way would be to run a trace, filtered on object name and SELECT. Or
there are commercial products for auditing purposes, such as this one (which
I've never used):

http://www.lumigent.com/products/entegra_sql.html

However, it would be extremely difficult to prevent a determined
administrator from viewing the data - he can disable auditing briefly,
restore a backup to another server without auditing etc. So any technical
solution needs a 'human' part too, ie. good staff, and a clear policy on
data access.

Simon