
I recently discovered that a large swath of the finance department is using Excel to connect to my SQL Server 2000 instance with an account in the sysadmin role. What are my current risks that I should immediately communicate to the powers that be?

Aaron Bertrand
swasheck

4 Answers


Pretty much everything.

I'd start with their potential ability to use xp_cmdshell (and sp_configure if they can't, so then they can ... and whatever the account returned by xp_cmdshell 'whoami.exe' can do....), then move on to their ability to do drop database.

Further risks include not just finance users being able to do these things, but any program on a finance machine gaining access to your sysadmin connection credentials...

(Other potential risks include the risk of discovering that one of TPTB set it up this way)

podiluska
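As an added illustration (not part of podiluska's answer or the original thread), the T-SQL a DBA could run on SQL Server 2000 to see who currently holds sysadmin and to move the Excel workbooks onto a read-only login instead; the login, database, view and password values are assumed placeholders.

```sql
-- Added example, not from the original Q&A. Uses the SQL Server 2000 era
-- system procedures (sp_helpsrvrolemember, sp_addlogin, sp_grantdbaccess,
-- sp_addrolemember, sp_dropsrvrolemember), which are what that version ships.

-- 1. Inventory: every login that is a member of the sysadmin fixed server role.
--    Anything Excel connects with should NOT appear in this list.
EXEC sp_helpsrvrolemember 'sysadmin';

-- 2. Remediation: a dedicated, least-privilege login for the finance workbooks.
--    'finance_reports', 'FinanceDB' and the password are placeholders (assumed).
EXEC sp_addlogin 'finance_reports', '<strong-password-placeholder>', 'FinanceDB';

USE FinanceDB;
-- Map the login to a database user of the same name.
EXEC sp_grantdbaccess 'finance_reports', 'finance_reports';

-- Read-only access to the whole database is enough for a pivot table...
EXEC sp_addrolemember 'db_datareader', 'finance_reports';

-- ...but tighter still is SELECT only on the reporting views the workbooks use
-- (dbo.vw_ExpenseSummary is an assumed placeholder view).
GRANT SELECT ON dbo.vw_ExpenseSummary TO finance_reports;

-- 3. Once every workbook has been repointed at 'finance_reports', take the
--    shared login the spreadsheets were using out of sysadmin.
--    'excel_shared_login' is a placeholder for whatever login they actually use.
EXEC sp_dropsrvrolemember 'excel_shared_login', 'sysadmin';

-- 4. Re-run the inventory to confirm the change took effect.
EXEC sp_helpsrvrolemember 'sysadmin';
```

Because the original credentials have already been handed out to a whole department (and to any software on those machines), step 3 should be paired with changing that login's password or dropping it, not just demoting it.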

It allows them to basically do anything they want to the database. They could truncate/alter/drop tables. Delete, Insert, or alter specific records. I would highly recommend you address this as soon as possible.

Zane

One thing that the financial people should understand is that by giving Excel the system user, you have bypassed every internal control built into the database or the application. A competent auditor would eviscerate them for this. So, for instance, if you have controls built to ensure that two different people must approve an expense (to avoid potential fraud), then by connecting the Excel spreadsheet this way you have removed this control on the data completely.

HLGEM

If a malicious user destroyed your data, you could restore from backup--you should be able to calculate the impact to business for this scenario.

What may be worse is that your system no longer has integrity. If a user manipulates data in a non-catastrophic way, you may not discover the damage until after your backups are no longer an available option. Consider the impact of the business being unable to trust the validity of any data housed on that server.

SQLFox