Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

sysadmin role risks

Posted on 2014-04-16
1
Medium Priority
?
664 Views
Last Modified: 2014-04-16
can anyone give a management freindly summary of what a user can do with sysadmin priveleges on a SQL server? (aside from access all data). I am trying to identify the risks and put forward a case for revoking such access as there seems a significant number of users with this role permission. So a good list of potential problems that a malciois user with these permissions could cause would be most welcome.
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 52

Accepted Solution

by:
Carl Tawn earned 2000 total points
ID: 40003514
Anyone with sysadmin rights can do anything they want, they have full unrestricted administrative rights over the SQL server. It would be a very bad idea to give that level of permissions to anybody who didn't need it.

Non-exhaustive list:

Create/alter/drop any security object (users, roles, etc)
Create/alter/drop any database, database object, agent job
Create/alter/drop security certificates, encryption keys
Backup/restore/overwrite any database
Modify any server settings
Setup/remove mirroring, replication, log shipping

The list goes on.....
0

Featured Post

What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
This article shows gives you an overview on SQL Server 2016 row level security. You will also get to know the usages of row-level-security and how it works
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.
Viewers will learn how to use the SELECT statement in SQL to return specific rows and columns, with various degrees of sorting and limits in place.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question