Hi all. I'm attempting to generate policies and procedures for dealing with
the possibility of classified data contamination in a SPS 2003 deployment,
which uses SQL 2000 for storage of all content. By "classified data
contamination", I mean that a user accidentally puts classified data into an
unclassified system, which is a major no-no. This is purely a SQL 2000 issue
- just mentioning SPS 2003 for background info.
Basically, I need to make sure that once a content item is deleted via SPS
2003 (which deletes the associated rows for the content item from the SQL
2000 content DB - yes, I have checked), that it's extremely difficult to
retrieve the content item or any residual data from it.
I conducted the following test series:
1. Upload a test "classified" word document into SPS 2003.
2. Delete the test "classified" word document via SPS 2003 (at this point
all the DB rows associated with the document are gone - can't see them in
EM/Query Analyzer). Text of data file still contains the text of the document.
3. Shrink the DB via DBCC SHRINKDATABASE. Text of data file still contains
the text of the document.
4. Shrink the individual files in the DB via DBCC SHRINKFILE. Text of data
file still contains the text of the document.
Only idea I've found is scripting out the DB and rebuilding it, but this is
DML-based, which would void support for SPS. Any other ideas?How are you verifying that ' Text of data file still contains the text of the
document'?
"BAG" wrote:
> Hi all. I'm attempting to generate policies and procedures for dealing with
> the possibility of classified data contamination in a SPS 2003 deployment,
> which uses SQL 2000 for storage of all content. By "classified data
> contamination", I mean that a user accidentally puts classified data into an
> unclassified system, which is a major no-no. This is purely a SQL 2000 issue
> - just mentioning SPS 2003 for background info.
> Basically, I need to make sure that once a content item is deleted via SPS
> 2003 (which deletes the associated rows for the content item from the SQL
> 2000 content DB - yes, I have checked), that it's extremely difficult to
> retrieve the content item or any residual data from it.
> I conducted the following test series:
> 1. Upload a test "classified" word document into SPS 2003.
> 2. Delete the test "classified" word document via SPS 2003 (at this point
> all the DB rows associated with the document are gone - can't see them in
> EM/Query Analyzer). Text of data file still contains the text of the document.
> 3. Shrink the DB via DBCC SHRINKDATABASE. Text of data file still contains
> the text of the document.
> 4. Shrink the individual files in the DB via DBCC SHRINKFILE. Text of data
> file still contains the text of the document.
> Only idea I've found is scripting out the DB and rebuilding it, but this is
> DML-based, which would void support for SPS. Any other ideas?|||Didn't have to do anything fancy to do the verification, actually. Using a
text editor robust enough to allow me to view the large data files (I've used
TextPad, UltraEdit 32, and Boxer on various occasions), I did the following:
1. Opened the file.
2. Used the Find function to search for marker text strings I placed in the
document.
3. Found the marker text strings. These were embedded in the full text of
the document, which was present in its entirety.
-B
"Absar Ahmad" wrote:
> How are you verifying that ' Text of data file still contains the text of the
> document'?
> "BAG" wrote:
> > Hi all. I'm attempting to generate policies and procedures for dealing with
> > the possibility of classified data contamination in a SPS 2003 deployment,
> > which uses SQL 2000 for storage of all content. By "classified data
> > contamination", I mean that a user accidentally puts classified data into an
> > unclassified system, which is a major no-no. This is purely a SQL 2000 issue
> > - just mentioning SPS 2003 for background info.
> >
> > Basically, I need to make sure that once a content item is deleted via SPS
> > 2003 (which deletes the associated rows for the content item from the SQL
> > 2000 content DB - yes, I have checked), that it's extremely difficult to
> > retrieve the content item or any residual data from it.
> >
> > I conducted the following test series:
> > 1. Upload a test "classified" word document into SPS 2003.
> > 2. Delete the test "classified" word document via SPS 2003 (at this point
> > all the DB rows associated with the document are gone - can't see them in
> > EM/Query Analyzer). Text of data file still contains the text of the document.
> > 3. Shrink the DB via DBCC SHRINKDATABASE. Text of data file still contains
> > the text of the document.
> > 4. Shrink the individual files in the DB via DBCC SHRINKFILE. Text of data
> > file still contains the text of the document.
> >
> > Only idea I've found is scripting out the DB and rebuilding it, but this is
> > DML-based, which would void support for SPS. Any other ideas?|||Are you opening 'data files' of the SQL Server Database?
I am sorry if my question looks stupid.
"BAG" wrote:
> Didn't have to do anything fancy to do the verification, actually. Using a
> text editor robust enough to allow me to view the large data files (I've used
> TextPad, UltraEdit 32, and Boxer on various occasions), I did the following:
> 1. Opened the file.
> 2. Used the Find function to search for marker text strings I placed in the
> document.
> 3. Found the marker text strings. These were embedded in the full text of
> the document, which was present in its entirety.
> -B
> "Absar Ahmad" wrote:
> > How are you verifying that ' Text of data file still contains the text of the
> > document'?
> >
> > "BAG" wrote:
> >
> > > Hi all. I'm attempting to generate policies and procedures for dealing with
> > > the possibility of classified data contamination in a SPS 2003 deployment,
> > > which uses SQL 2000 for storage of all content. By "classified data
> > > contamination", I mean that a user accidentally puts classified data into an
> > > unclassified system, which is a major no-no. This is purely a SQL 2000 issue
> > > - just mentioning SPS 2003 for background info.
> > >
> > > Basically, I need to make sure that once a content item is deleted via SPS
> > > 2003 (which deletes the associated rows for the content item from the SQL
> > > 2000 content DB - yes, I have checked), that it's extremely difficult to
> > > retrieve the content item or any residual data from it.
> > >
> > > I conducted the following test series:
> > > 1. Upload a test "classified" word document into SPS 2003.
> > > 2. Delete the test "classified" word document via SPS 2003 (at this point
> > > all the DB rows associated with the document are gone - can't see them in
> > > EM/Query Analyzer). Text of data file still contains the text of the document.
> > > 3. Shrink the DB via DBCC SHRINKDATABASE. Text of data file still contains
> > > the text of the document.
> > > 4. Shrink the individual files in the DB via DBCC SHRINKFILE. Text of data
> > > file still contains the text of the document.
> > >
> > > Only idea I've found is scripting out the DB and rebuilding it, but this is
> > > DML-based, which would void support for SPS. Any other ideas?|||Exactly. In this case, the DB in question just has one data file (.mdf) and
one log file
(.ldf). I found the text of the document in the .mdf even after I confirmed
it was deleted in the tables.
-B
"Absar Ahmad" wrote:
> Are you opening 'data files' of the SQL Server Database?
> I am sorry if my question looks stupid.
> "BAG" wrote:
> > Didn't have to do anything fancy to do the verification, actually. Using a
> > text editor robust enough to allow me to view the large data files (I've used
> > TextPad, UltraEdit 32, and Boxer on various occasions), I did the following:
> >
> > 1. Opened the file.
> > 2. Used the Find function to search for marker text strings I placed in the
> > document.
> > 3. Found the marker text strings. These were embedded in the full text of
> > the document, which was present in its entirety.
> >
> > -B
> >
> > "Absar Ahmad" wrote:
> >
> > > How are you verifying that ' Text of data file still contains the text of the
> > > document'?
> > >
> > > "BAG" wrote:
> > >
> > > > Hi all. I'm attempting to generate policies and procedures for dealing with
> > > > the possibility of classified data contamination in a SPS 2003 deployment,
> > > > which uses SQL 2000 for storage of all content. By "classified data
> > > > contamination", I mean that a user accidentally puts classified data into an
> > > > unclassified system, which is a major no-no. This is purely a SQL 2000 issue
> > > > - just mentioning SPS 2003 for background info.
> > > >
> > > > Basically, I need to make sure that once a content item is deleted via SPS
> > > > 2003 (which deletes the associated rows for the content item from the SQL
> > > > 2000 content DB - yes, I have checked), that it's extremely difficult to
> > > > retrieve the content item or any residual data from it.
> > > >
> > > > I conducted the following test series:
> > > > 1. Upload a test "classified" word document into SPS 2003.
> > > > 2. Delete the test "classified" word document via SPS 2003 (at this point
> > > > all the DB rows associated with the document are gone - can't see them in
> > > > EM/Query Analyzer). Text of data file still contains the text of the document.
> > > > 3. Shrink the DB via DBCC SHRINKDATABASE. Text of data file still contains
> > > > the text of the document.
> > > > 4. Shrink the individual files in the DB via DBCC SHRINKFILE. Text of data
> > > > file still contains the text of the document.
> > > >
> > > > Only idea I've found is scripting out the DB and rebuilding it, but this is
> > > > DML-based, which would void support for SPS. Any other ideas?
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment