I have a SQL Server that holds a lot of data. An application, running on several other clients, accesses this server to get various data for processing. The previous version of this program gave pretty much unlimited access to anyone with the program to all of the data in the database. Now I’m making a new version of this application and want to implement fancy things like logging in with user names and having different levels of users, and limiting what they can access/change accordingly.
My knowledge of MS SQL Server is kind of limited, though growing, and I know I can do a number of different things in the database itself to limit who has access to what. Another option is to close off the database from outside connections, and to simply run an application on the local DB server that handles incoming connections via sockets, validates users, and checks that they can actually access what they’re trying to access. To me this seems like a simpler idea; I only need to worry about one database user, and I can strictly control which tables (and columns if need be) are accessed by the different levels of users. Though like I said, SQL Server is not my expertise, and I want to know if I’m overcomplicating what might be a very easy thing to accomplish inside the database, or perhaps opening myself up to some other problem I might not be thinking of? There aren’t a ton of users. Right now less than 10, and not expected to grow, so there isn’t a concern about too many sockets or threads running on this separate app.
My biggest concern here is that the database contains some important personal information about people. This isn’t a big company by any means, but at the same time, if someone were to get hold of this data it would be very bad (yes, this data is encrypted). With the old application, if you had the right connection string you could get in and get whatever you wanted, and while that never happened, I don’t want to be one of those programmers who implemented stronger security after it was needed.
Attempting to build that yourself is bound to fail. SQL Server already has tons of security features built-in.
I think the optimum solution to your problem would be to use integrated security (i.e. users log in with their actual Windows credentials). This would also make all your connection strings identical. You can then grant access to the tables/schemas only to those people who are supposed to have access to them.
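As an added illustration of the approach in this answer (example T-SQL, not code from the answerer or the asker), here is a minimal schema-level permission model built on integrated security. The domain CORP, the Windows groups CORP\App_Readers and CORP\App_Admins, the database AppDb, the schemas app and pii, and the table pii.Person are all assumed names.

```sql
-- Added example, not from the original post. Assumed names: domain CORP,
-- Windows groups CORP\App_Readers and CORP\App_Admins, database AppDb,
-- schemas app (general data) and pii (personal data), table pii.Person.

USE [master];
GO
-- One login per Windows group: membership is managed in Active Directory, and
-- every client can use the same connection string (Integrated Security=SSPI)
-- instead of a shared SQL login whose connection string grants everything.
CREATE LOGIN [CORP\App_Readers] FROM WINDOWS;
CREATE LOGIN [CORP\App_Admins]  FROM WINDOWS;
GO

USE [AppDb];
GO
-- Map the logins to database users; they get nothing beyond 'public' yet.
CREATE USER [CORP\App_Readers] FOR LOGIN [CORP\App_Readers];
CREATE USER [CORP\App_Admins]  FOR LOGIN [CORP\App_Admins];

-- Roles represent the "levels of users"; grant to roles, never to individuals.
-- (ALTER ROLE ... ADD MEMBER needs SQL Server 2012+; older versions use sp_addrolemember.)
CREATE ROLE app_reader;
CREATE ROLE app_admin;
ALTER ROLE app_reader ADD MEMBER [CORP\App_Readers];
ALTER ROLE app_admin  ADD MEMBER [CORP\App_Admins];

-- Schema-level grants: readers only read the general tables.
GRANT SELECT ON SCHEMA::app TO app_reader;
-- Admins may change general data and read the sensitive schema.
GRANT SELECT, INSERT, UPDATE, DELETE ON SCHEMA::app TO app_admin;
GRANT SELECT ON SCHEMA::pii TO app_admin;

-- Column-level control where a whole table is too coarse. DENY wins over any
-- later GRANT, so readers cannot see these columns even if someone grants
-- them the table by mistake.
DENY SELECT ON OBJECT::pii.Person (NationalId, DateOfBirth) TO app_reader;

-- Review what each role ends up with (useful as a periodic check).
SELECT pr.name AS role_name, pe.state_desc, pe.permission_name,
       CASE pe.class_desc
            WHEN 'SCHEMA'           THEN SCHEMA_NAME(pe.major_id)
            WHEN 'OBJECT_OR_COLUMN' THEN OBJECT_NAME(pe.major_id)
            ELSE pe.class_desc END AS securable,
       COL_NAME(pe.major_id, pe.minor_id) AS column_name  -- NULL unless column-level
FROM sys.database_permissions pe
JOIN sys.database_principals pr ON pr.principal_id = pe.grantee_principal_id
WHERE pr.name IN ('app_reader', 'app_admin');
GO
```

Because the grants live on the database principals, the same control applies whether the user goes through the application or connects directly with a query tool, which is exactly the gap the old connection-string-only setup left open.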