topic hiding Libname ODBC in DI_studio in Production in SAS Data Management https://communities.sas.com/t5/SAS-Data-Management/hiding-Libname-ODBC-in-DI-studio-in-Production/m-p/357237#M10722 <P>A libname X&nbsp;to &nbsp;ODBC statetement with Authdomain parameter is&nbsp;being used in&nbsp; a Test environment in Di_Studio&nbsp;4.6.</P><P>Libref contains tables with&nbsp;high-confidential data.</P><P>In Acceptance enviroment Di_studio &nbsp;the Libname X&nbsp;is still visible for developers.</P><P>The libname definition X will&nbsp;&nbsp;be&nbsp;secured.</P><P>&nbsp;</P><P>However,&nbsp;the definition&nbsp;may still&nbsp;be derived by SAS&nbsp; developer&nbsp;using naming conventions.&nbsp;Once the Authdomain parameter is&nbsp;known,&nbsp;the developer can have to the table. Also the SAS &nbsp;log (which can be protected) may show the libname statement also.</P><P>The administrator (SAS) only should create/modify the libname in Acceptanace.</P><P>&nbsp;</P><P>Are there best pratices within&nbsp; SAS &nbsp;to prevent a developer using&nbsp;a Libname with the appropriate to access the tables in Production?</P><P>&nbsp;</P><P>Thank you&nbsp;for suggestions. &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</P> Wed, 10 May 2017 08:15:20 GMT KC_Chan 2017-05-10T08:15:20Z hiding Libname ODBC in DI_studio in Production https://communities.sas.com/t5/SAS-Data-Management/hiding-Libname-ODBC-in-DI-studio-in-Production/m-p/357237#M10722 <P>A libname X&nbsp;to &nbsp;ODBC statetement with Authdomain parameter is&nbsp;being used in&nbsp; a Test environment in Di_Studio&nbsp;4.6.</P><P>Libref contains tables with&nbsp;high-confidential data.</P><P>In Acceptance enviroment Di_studio &nbsp;the Libname X&nbsp;is still visible for developers.</P><P>The libname definition X will&nbsp;&nbsp;be&nbsp;secured.</P><P>&nbsp;</P><P>However,&nbsp;the definition&nbsp;may still&nbsp;be derived by SAS&nbsp; developer&nbsp;using naming conventions.&nbsp;Once the Authdomain parameter is&nbsp;known,&nbsp;the developer can have to the table. Also the SAS &nbsp;log (which can be protected) may show the libname statement also.</P><P>The administrator (SAS) only should create/modify the libname in Acceptanace.</P><P>&nbsp;</P><P>Are there best pratices within&nbsp; SAS &nbsp;to prevent a developer using&nbsp;a Libname with the appropriate to access the tables in Production?</P><P>&nbsp;</P><P>Thank you&nbsp;for suggestions. &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</P> Wed, 10 May 2017 08:15:20 GMT https://communities.sas.com/t5/SAS-Data-Management/hiding-Libname-ODBC-in-DI-studio-in-Production/m-p/357237#M10722 KC_Chan 2017-05-10T08:15:20Z Re: hiding Libname ODBC in DI_studio in Production https://communities.sas.com/t5/SAS-Data-Management/hiding-Libname-ODBC-in-DI-studio-in-Production/m-p/357536#M10734 You can't base security on having a secret syntax!<BR />Protect the data at the source - hence a login from an unathorized user will be rejected or data that is not for him/her to see will not be visible. Wed, 10 May 2017 15:37:56 GMT https://communities.sas.com/t5/SAS-Data-Management/hiding-Libname-ODBC-in-DI-studio-in-Production/m-p/357536#M10734 LinusH 2017-05-10T15:37:56Z