This article discusses the security of the Dataedo solution.
Where is data stored?
All data gathered by Dataedo is stored in a repository - this is a database or a file hosted in your environment and is not shared anywhere on the Internet/cloud.
A server repository can be SQL Server on premises, SQL Server in the cloud, or Azure SQL Database. In every case this database is provided by you and is under your control. We do not have access to it at any time.
A file repository can be stored on a local disk, in a shared folder, or in any private or public cloud.
Is any data sent outside your environment?
We send a minimum amount of data to our servers.
We send to our database a record that the program was launched and that the user successfully logged in to their repository. This information contains:
- IP address
- Trial/license key ID
- Key type
- Program version
This report can be blocked with a firewall without negative impact on the program.
License checks (planned)
In the near future we plan to maintain license information on our servers. The program will check it during each launch or login.
Whenever our application crashes we ask the user to send us a report. No report is sent without user confirmation.
This information includes:
- Crash message and stack trace
- Repository database edition and version
- OS version
- DBMS and version of the documented database
- IP address
- User email (if provided)
Potentially sensitive information included in crash reports
Crash reports can contain sensitive information within the message or stack trace. We recommend reviewing them before sending. Such information may include (the list is not complete):
- Repository or export file path on the disk (may contain user login)
- Database or host name
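A pre-send review pass for the kinds of values listed above, as an added example that is not part of Dataedo's documentation or code: it flags and masks user names in profile paths, host names, and database names. The patterns, the sample report, and the function names are assumptions made for illustration.

```python
import re

# Rules: (label, regex with one capture group around the sensitive value).
# Patterns are assumptions (Windows profile paths, UNC shares, SQL Server
# connection-string keywords); they are not Dataedo's crash report format.
RULES = [
    ("user", re.compile(r"[A-Za-z]:\\Users\\([^\\\s\"']+)")),
    ("host", re.compile(r"\\\\([A-Za-z0-9._-]+)\\")),
    ("host", re.compile(r"\b(?:Server|Data Source)\s*=\s*([^;\s\"']+)", re.I)),
    ("database",
     re.compile(r"\b(?:Database|Initial Catalog)\s*=\s*([^;\s\"']+)", re.I)),
]

# Constructed sample report, not real Dataedo output.
SAMPLE = r"""System.IO.IOException: cannot access 'C:\Users\jsmith\Documents\repo_file'
   at Example.Export.Save(String path) in \\fileserver01\exports\catalog.pdf
Connection: Server=sql-prod-01;Database=HR_Payroll;Integrated Security=True
"""


def find_sensitive(report):
    """Return (line_number, label, value) for every match, in line order."""
    hits = []
    for no, line in enumerate(report.splitlines(), start=1):
        for label, rx in RULES:
            hits += [(no, label, m.group(1)) for m in rx.finditer(line)]
    return hits


def _mask(match, label):
    # Replace only the captured span so the rest of the path or key survives.
    start = match.start(1) - match.start(0)
    end = match.end(1) - match.start(0)
    whole = match.group(0)
    return whole[:start] + f"<{label}>" + whole[end:]


def redact(report):
    """Mask every captured value, keeping enough context for debugging."""
    for label, rx in RULES:
        report = rx.sub(lambda m, lb=label: _mask(m, lb), report)
    return report


if __name__ == "__main__":
    for no, label, value in find_sensitive(SAMPLE):
        print(f"line {no}: {label} = {value}")
    print(redact(SAMPLE))
```

The masked text still shows where the failure happened, so the report stays useful for diagnosis; anything the patterns miss still needs the manual review recommended above.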
The Dataedo file repository has no built-in access control: anyone with access to the file can access the data stored in it. You provide security by using the operating system to limit access to the file itself.
Access to data in a server repository, whether through the UI or by connecting directly to the database, is secured with SQL Server authentication and authorization.
Exports have no built-in access control. Anybody with access to the files can access their content.
Administrators of the SQL Server instance that hosts the Dataedo repository, or owners of the repository database, are automatically administrators of users. More on this here.
Impact on documented data sources
Changes to schema
Dataedo does not modify the schema of documented databases.
Changes to data
Dataedo does not modify the data of documented databases.
Changes to metadata
Dataedo can modify comments/descriptions/extended properties of tables, columns and other database objects, but does so only as an explicit operation initiated by the user (see Exporting descriptions to database).
Dataedo allows working on documentation while offline from the documented databases. This lets you restrict access to the actual databases to the specific users who connect and import metadata, leaving other users with access only to the Dataedo repository.
Is actual data being extracted?
As of Dataedo 7, no actual data (i.e. records from tables or views) is extracted from the data sources, only metadata: table and column information and stored programs (user-defined functions, stored procedures, triggers).
Potentially sensitive metadata
You need to be aware that metadata imported from your databases (which includes mostly table and column names) may contain sensitive information, such as:
- Table, column descriptions
- Stored procedures code (may contain sensitive information in code comments)
Use database repository
From a security perspective, it is advised to use a server repository rather than a file repository.
Use Windows authentication
It is advised to use Windows authentication over other options.
Read-only accounts
To increase the security and safety of your databases, use read-only user accounts with the minimum access level needed to read metadata from your documented databases.
Use named Dataedo users
Do not use shared Dataedo user accounts and always create named users.
Use encrypted database connection (repository)
Whenever possible, use an encrypted connection to read metadata from your databases.
Do not save passwords to connections
Even though it is very convenient to save passwords for your connections in the Dataedo repository, we don't recommend it. Passwords are stored in encrypted form, but saving them creates an unnecessary security vulnerability.
Secure HTML (and other) exports
When using a database repository, all data stored by Dataedo is secured with a login/password. However, documentation exported to HTML, PDF, or Excel is not secured with a login/password.
Please secure it with additional measures if you want to limit access to specific end users.
Limit users with access to documented databases
Not everyone needs access to the source databases to create documentation in Dataedo. At least one person needs to connect to the data sources and import metadata into the Dataedo repository; other users can then work on it. Limit access to the documented databases to the users who really need it.