How do you defend your data when vendors sign on to your server?

I had an incident last week with my hosted server. Even though it was not yet in production, it had live data on it. A vendor was going to sign on to configure our terminal services gateway and licensing, something that we were having problems doing. It wasn’t just that the data was live, the problem was that the data represented HIPAA- and FERPA-sensitive information.

And when someone signs on as a server administrator, there are limits to how well you can protect your data.

I decided the best thing to do was to drop the databases and delete them from the server. I could pick them up again Monday from backups. Thus my data was secure.

I made one mistake, and it was kind of a biggie. When I created the utility jobs (backups, DBCCs, etc.), I set them to email me at both my work and private addresses when the jobs failed.

And I didn’t stop SQL Agent.

And I headed out of town Sunday for three days.

I had over 400 emails in both accounts waiting for me, all complaining that for some odd reason the databases weren’t available.

My personal email account was a Gmail account, so the messages collapsed nicely under common headers and were very easy to clean up. The ones in my work email weren't difficult either: in Outlook you right-click one of the messages, click Find Related, then Messages In This Conversation. No big deal; it took maybe 15 minutes to delete them all and have Outlook clean up my Deleted Items folder.

Tomorrow we have another vendor accessing the server, so I dropped the databases and copied the MDFs and backups to another server that’s not on the same domain or linked. When the vendor is done, I’ll disable their login, copy my databases back to my server, attach them, turn on SQL Agent,
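As an added example (not the author's own script), here is a T-SQL sequence for the steps above that also covers the mistake from the first vendor visit: it disables the Agent jobs whose steps target the sensitive database before the database leaves the server, then detaches it so the MDF/LDF can be copied off-box. The database name, vendor login and file paths are assumed placeholders.

```sql
-- Added example, not from the original post. Names and paths are assumed.
-- Run as a sysadmin before the vendor signs on.
USE msdb;
GO
DECLARE @db sysname = N'ClinicRecords';   -- assumed: the HIPAA/FERPA database

-- 1. Disable every enabled Agent job that has a step running in this database,
--    so nothing fires (and mails you) while the database is gone.
--    Caveat: jobs that run in master and pick the database dynamically will not
--    match here; review sysjobsteps.command for those by hand.
DECLARE @job sysname;
DECLARE jobs CURSOR LOCAL FAST_FORWARD FOR
    SELECT DISTINCT j.name
    FROM dbo.sysjobs AS j
    JOIN dbo.sysjobsteps AS s ON s.job_id = j.job_id
    WHERE s.database_name = @db AND j.enabled = 1;
OPEN jobs;
FETCH NEXT FROM jobs INTO @job;
WHILE @@FETCH_STATUS = 0
BEGIN
    PRINT N'Disabling job: ' + @job;
    EXEC dbo.sp_update_job @job_name = @job, @enabled = 0;
    FETCH NEXT FROM jobs INTO @job;
END
CLOSE jobs;
DEALLOCATE jobs;

-- 2. Kick every session out of the database and detach it; the data and log
--    files can then be copied to the off-domain server and the originals removed.
--    (Disabling a job does not stop one that is already running; check
--    sp_help_job and use sp_stop_job first if a backup or DBCC is in flight.)
EXEC (N'ALTER DATABASE ' + QUOTENAME(@db) + N' SET SINGLE_USER WITH ROLLBACK IMMEDIATE;');
EXEC sp_detach_db @dbname = @db;

-- 3. After the vendor is finished: disable their login, re-attach the copied
--    files, and re-enable the jobs disabled in step 1 (reverse the loop above
--    with @enabled = 1).
-- ALTER LOGIN [VendorLogin] DISABLE;                       -- assumed login name
-- CREATE DATABASE [ClinicRecords]
--     ON (FILENAME = N'D:\Data\ClinicRecords.mdf'),         -- assumed paths
--        (FILENAME = N'D:\Data\ClinicRecords_log.ldf')
--     FOR ATTACH;
```

Step 1 matters most on a server where SQL Agent is left running: a job that cannot find its database fails on every schedule tick, and each failure sends the notification you configured.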