I have a potential client that is concerned about security and privacy. There request is to have their clients' information (identification) stored on their own internal SQL Server while allowing non-identifiable data store on my SQL Server (along with data from my other clients). This is a SaaS environment so potentially all of my clients may wish to have this configuration. If my SQL Server is breached, does it this mean that my client's data store is also inherently breached since the connection information would be accessible from my server ?
ok... my server is hosting a website (
ASP.net, IIS 7) and MS SQL Server 2008 R2. How many different ways are there to connect to a linked sql server. Wouldn't the connection info he available or accessible to whoever breached my server ?