Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
x51
Starting Member
2 Posts |
 Posted - 2007-12-28 : 12:04:26
|
| I'm SQL impaired, so bear with me.I've searched and searched the Internet and can find nothing even close to my issue. I recently discovered that some of our SQL .bak files when searched with a text editor contain old sensitive and deleted data. At least a year ago (maybe 2) we had setup a sync job that pulled data in from another system. On our initial sync we saw that some data that was pulled in was sensitive data we did not want to have in this database unencrypted. We deleted that table. We modified the job to filter just the data we want. The problem is the data from that original and accidental sync can be seen even in a recent .bak file when opened in a text editor. I had assumed that when I deleted the data it was gone.. (I know until the drive is overwritten several times data can be recovered, but I didn't think my backups would contain it)1) How do I remove this data?2) How can I be sure that deleted data is not included in my Regular backups going forward?3) Would this deleted data be available in any other way outside of obtaining my actual SQL .bak file? (just wondering about the security concerns)I assumed this was free space that was not yet overwritten, or reclaimed.. but we have used the utilities to shrink the database and free unused space many times since deleting this data and it still shows up. Thanks,x51 |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2007-12-28 : 13:21:37
|
| BAK files should not be viewable with a text editor. How are you performing backups?Tara KizerMicrosoft MVP for Windows Server System - SQL Serverhttp://weblogs.sqlteam.com/tarad/ |
 |
|
|
x51
Starting Member
2 Posts |
Posted - 2007-12-28 : 15:26:49
|
| Tara Thanks for the reply.I have SQL 2000I'm using the regular SQL backup utility.The files are readable, but not really usable... All the data is there if you search. It is surrounded by useless characters and garbage.Below is an example.. This was an old hourly logging system database for IT work for clients. I opened the Bak file with notepad.I replaced client names, employee names, and domain names... but you can see this small example contains everything entered in plain text. If I had say.... a database with personal information including adresses and Social Security numbers or medical records or something... It would be viewable.The example below is not quite displayed right, as some of the characters wont display on this page like they appear in notepad.. but it gets the point across. Also, I'm not just looking for a method to prevent people from seeing this stuff.... I need it to not be there at all. My Backups are securely stored. It's complicated.. but I can not have this data here. For security reasons I need to make sure certain old deleted data is gone as well as future deleted data is deleted and not forever available to anyone who chooses to run a backup job. Not to mention I have to be concerned.. I can not provide a backup file to someone without knowing what might be in it. I had previosly assumed that I could provide SQL .bak files to people as long as sensitive data was removed... but not if it's still there hiding in the .Bak. Any tips would be great. " ¸ Ò Ü‰SomeClient SomeEmployee á á p2 ×Å2 HÅÁ2 ¼2Ðíp2 øƼ2 E Á2` j24¬ú?èÌg2 @ÅÁ2X˜Á28ż2š™™™™™ñ? ð? `.f A `™Á2PÇÁ2š™™™™™ñ? ð? `.f A D ( ° j2x)p@ Ìg2 Á ˜ B ô @ j2 � d A À � j2 Y 0 @ Œ à j2 %ü ? X 0 j2 ñ È > $ € j2 ½ ” = ð Ð j2\ p „ ˜ ¬ À Ô èü < ` � ¬ îŽ�9 è } Å þ ' b 2 ” û œ”-Setup DNS for someone.com and Someone.nett-Setup mail server for someone.com, create accounts for all users-Setup web site to e-mail someone@someone.com @ " |
|
|
|
rmiao
Master Smack Fu Yak Hacker
7266 Posts |
Posted - 2007-12-28 : 23:52:38
|
| Then you need destroy old backup files. |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2007-12-29 : 01:20:46
|
| I'd open a case with Microsoft to see if there is anything that you can do. The current backup should not contain old deleted data.Tara KizerMicrosoft MVP for Windows Server System - SQL Serverhttp://weblogs.sqlteam.com/tarad/ |
|
|
|
|
|
|
.bak files contain deleted data