
My company has a website with data stored in Microsoft SQL Server on the production server. The production server is not in Active Directory. The firewall allows connections to the production SQL server from the company offices.

I need to import data from this production server into Excel regularly. The data import should be runnable by 2-5 different persons.

The Excel file is a complex workbook with many tabs. The data from the SQL Server should be imported into one of the tabs. Users are used to doing it by clicking Data/Refresh All in Excel a few times a week.

Requiring users to manually download a CSV file with the data export and manually import it into Excel is not practical. However, if it can be automated so that the user gets the data after clicking one button in Excel, it would be OK.

Which authentication option should I use?

The following options are considered:

SQL Server authentication

Easy, but the password to the database is stored in Excel as clear text. The Excel file can be shared easily, and I will not have any control over it. I can mitigate some risks by using a SQL Server account that has access only to the minimal set of views needed for the data import and hoping that even if the Excel file is shared outside the organization, an external attacker would not be able to gain any access to the production server because it will be blocked by the firewall.

Windows authentication with the same password

The production server and the office are not in the same AD. I can create a Windows user account on the production server for the guys from the office with the same username and the same password as they have in AD. Windows auth will then work for the Excel data import without requiring them to enter the password. The downside is that I'm creating accounts on the production server for people who don't need them for anything other than the data import. If the client machine is compromised by malware, the risk of spreading it to the production server is greater, because there is no need to enter the password again.

Windows authentication with different passwords

Same as above, but the password has to be entered each time the data import is performed. It will make it harder for the malware to spread. The inconvenience of entering the password repeatedly can be mitigated by using a password manager.

Database replica in the office plus AD Authentication

In this scenario, the production database is replicated automatically to the machine located in the office that is in the AD. Users from the office would be able to access the data using Windows authentication. The downside of it is setting up the database replication and maintaining it.

Best practices

What are the best security practices for importing data from the production database to Excel? What would you recommend?
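
The mitigation described under "SQL Server authentication" above (an account that can read only the views needed for the import), as an added T-SQL example that is not part of the original question. The database `WebsiteDb`, the table `dbo.Orders`, the schema `excel_export`, the view, the login name and the password placeholder are all assumptions made for illustration.

```sql
-- Added example: least-privilege SQL login for the Excel data connection.
-- All object names below are hypothetical; replace the password placeholder.
USE master;
GO
CREATE LOGIN excel_import_reader
    WITH PASSWORD = '<PLACEHOLDER-long-random-password>',
         CHECK_POLICY = ON,
         DEFAULT_DATABASE = WebsiteDb;
GO

USE WebsiteDb;
GO
-- Database user with no role memberships beyond public.
CREATE USER excel_import_reader FOR LOGIN excel_import_reader;
GO

-- Dedicated schema that holds only the export views.
-- It is owned by dbo, the same owner as the base tables, so ownership
-- chaining lets the views read dbo tables without the import user
-- holding any permission on those tables.
CREATE SCHEMA excel_export AUTHORIZATION dbo;
GO

-- Expose only the columns the workbook needs (hypothetical columns).
CREATE VIEW excel_export.OrdersSummary
AS
SELECT o.OrderId, o.OrderDate, o.TotalAmount
FROM dbo.Orders AS o;
GO

-- The single grant: read access to the export schema, nothing else.
GRANT SELECT ON SCHEMA::excel_export TO excel_import_reader;
GO

-- Review the result by impersonating the import user:
-- effective permission on the view, on the base table, and at database level.
EXECUTE AS USER = 'excel_import_reader';
SELECT HAS_PERMS_BY_NAME('excel_export.OrdersSummary', 'OBJECT', 'SELECT') AS can_read_view,
       HAS_PERMS_BY_NAME('dbo.Orders', 'OBJECT', 'SELECT')                AS can_read_base_table;
SELECT permission_name
FROM fn_my_permissions(NULL, 'DATABASE');
REVERT;
GO
```

This limits what a leaked workbook password can read; it does not change the fact that the password is stored in the workbook in clear text.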

  • And there's a lot that you haven't explained. For instance, how is "Excel" accessing the database server to perform this data connection? VPN? How are you getting around the firewall? I really hope the database is not directly exposed to the Internet. If you have a secure and authenticated connection, then your risks go down and you don't need to worry about a lot of the risks you've mentioned.
    – schroeder
    Commented Nov 27, 2023 at 13:57
  • "I can create a Windows user account on the production server... with the same username and the same password as they have in AD." -- this is anti-best practice. Don't ever do this.
    – schroeder
    Commented Nov 27, 2023 at 13:59
  • Ad malware: thanks for the question. We are most afraid of two things: 1) untargeted disk-encrypting ransomware. I want to lower the possibility of it spreading from the office network to the production servers. 2) supply chain attack. We are creating software libraries that are distributed via the website mentioned above. Our libs are also used by some big tech names and our company can be used as an attack vector to reach them. If the attacker gains access to the webserver, it would make it easier for him to modify or replace our distribution binaries, for example.
    – DougM
    Commented Nov 27, 2023 at 14:14
  • Welcome to the community. It's hard to tell without even a rough infrastructure setup...
    Commented Nov 27, 2023 at 18:11
  • 1
    You should never allow direct connection to a DB. Use an API you can call and let the server hosting it do the DB lookups. Personally I'd just create an intranet you could log into and have an "Export XLS" button that downloads the Excel file. (The back end can generate the file from a DB lookup.) Then let the other Excel file import that as another sheet.
    Commented Nov 28, 2023 at 22:40
