0

We have 20 clients which currently every client has his own database on his own server(in his own environment)

all the databases have the same structure(schema) and all of them has MS Sql Server 2008 64 bit

we would like to move all the databases to central place

what the best practices for doing that?

  1. all databases under one instance
  2. each database has it's own instance

can we achieve the best security practices if we have all the databases under one instance?

is there any guidelines for my case?

Muhammad Nour
  • 103
  • 1
  • 4

1 Answers1

2

This depends on your security needs. Having multiple server offers the benefit that you don't have any shared system between the clients.

Putting all databases on one host, has at least the operating system and available data as shared component. Compromising the server will offer access to the data (except everything is encrypted within the databases).

Using multiple instances and bindings on different ports, offers the benefit that you can at least restrict access on a network basis which may be an additional shield.

And finally putting all in one instance will also work - as long as no application requires access to server resources and is completely sufficent with access to it's own database (take situations like updates and backups in concern - some applications required under this circumstances additional access). Having unique and strong credentials (or windows auth) as authentication, the security may be enough.

I personally would not recommend to put multiple customers onto the same host - having one compromised customer is a good starting point to get deeper into your network and may create a bridge to other customers.

Daniel Nachtrub
  • 1,022
  • 7
  • 12