This is a bit of a vaguely-worded question, but I am sure that at a training course I attended recently, either for SQL Server 2014 or 2012, the instructor said that there was a new feature (?) that allowed a user to operate with all of the sa/sysadmin permissions [b]except[/b] the ability to see the data within the databases. Does anybody know what I mean? I've tried to Google it but I'm drawing a blank. Basically, we (my employer) would like to be able to reassure our clients whose data we hold that in the course of a normal day, the DBAs who manage their databases aren't able to see their data (unless for a very specific reason, which would be audited). Any ideas please? Is it just a question of setting up a user-defined server role with the right 'deny', or is there actually some new functionality above and beyond that?Thanks
↧
