Database Security

The most common way to secure the SYSTOC database is to restrict the number of users with access. This works in concert with network security, since a network group is typically created specifically for SYSTOC users. This group is given rights to access the database but not to directly access the data itself. The application uses separate database logins that are not available to any other users. Therefore, users cannot access data in the database from any application except SYSTOC.

The database administrator should grant permissions on an individual basis to users who require database access for purposes of writing and running Crystal Reports or other reporting tools outside of SYSTOC.

In addition to basic database access management, you may also wish to use transparent data encryption (TDE), available in various Microsoft SQL Server versions. TDE provides encryption of data at rest. SYSTOC has been successfully tested using TDE.