Hi all. I'm attempting to generate policies and procedures for dealing with
the possibility of classified data contamination in a SPS 2003 deployment,
which uses SQL 2000 for storage of all content. By "classified data
contamination", I mean that a user accidentally puts classified data into an
unclassified system, which is a major no-no. This is purely a SQL 2000 issue
- just mentioning SPS 2003 for background info.
Basically, I need to make sure that once a content item is deleted via SPS
2003 (which deletes the associated rows for the content item from the SQL
2000 content DB - yes, I have checked), that it's extremely difficult to
retrieve the content item or any residual data from it.
I conducted the following test series:
1. Upload a test "classified" word document into SPS 2003.
2. Delete the test "classified" word document via SPS 2003 (at this point
all the DB rows associated with the document are gone - can't see them in
EM/Query Analyzer). Text of data file still contains the text of the documen
t.
3. Shrink the DB via DBCC SHRINKDATABASE. Text of data file still contains
the text of the document.
4. Shrink the individual files in the DB via DBCC SHRINKFILE. Text of data
file still contains the text of the document.
Only idea I've found is scripting out the DB and rebuilding it, but this is
DML-based, which would void support for SPS. Any other ideas?How are you verifying that ' Text of data file still contains the text of th
e
document'?
"BAG" wrote:
> Hi all. I'm attempting to generate policies and procedures for dealing wit
h
> the possibility of classified data contamination in a SPS 2003 deployment,
> which uses SQL 2000 for storage of all content. By "classified data
> contamination", I mean that a user accidentally puts classified data into
an
> unclassified system, which is a major no-no. This is purely a SQL 2000 iss
ue
> - just mentioning SPS 2003 for background info.
> Basically, I need to make sure that once a content item is deleted via SPS
> 2003 (which deletes the associated rows for the content item from the SQL
> 2000 content DB - yes, I have checked), that it's extremely difficult to
> retrieve the content item or any residual data from it.
> I conducted the following test series:
> 1. Upload a test "classified" word document into SPS 2003.
> 2. Delete the test "classified" word document via SPS 2003 (at this point
> all the DB rows associated with the document are gone - can't see them in
> EM/Query Analyzer). Text of data file still contains the text of the docum
ent.
> 3. Shrink the DB via DBCC SHRINKDATABASE. Text of data file still contains
> the text of the document.
> 4. Shrink the individual files in the DB via DBCC SHRINKFILE. Text of data
> file still contains the text of the document.
> Only idea I've found is scripting out the DB and rebuilding it, but this i
s
> DML-based, which would void support for SPS. Any other ideas?
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment