Managing Security in SSIS
In the world of extraction, transformation, and loading (ETL), everything we do involves moving data from one point to another. However, very often the focus in SSIS package development is on functionality, not security. When building internal data transformation and movement processes, it is easy to forget that these operations broaden our security footprint, and must be actively managed to ensure that ETL doesn’t become the weak link in the security chain.
In this presentation, we’ll discuss the security features in SQL Server Integration Services, while reviewing best practices for securing your ETL infrastructure while providing enough (but not too much) access to those ETL assets. Among the topics we’ll cover:
Properly securing connection passwords in SSIS
Using package protection levels
Restricting access to deployed packages
Using role-based security for SSIS deployment and execution
Using execution proxies