hiding Libname ODBC in DI_studio in Production

KC_Chan · Posted 05-09-2017 12:22 PM

A libname X to ODBC statetement with Authdomain parameter is being used in a Test environment in Di_Studio 4.6.

Libref contains tables with high-confidential data.

In Acceptance enviroment Di_studio the Libname X is still visible for developers.

The libname definition X will be secured.

However, the definition may still be derived by SAS developer using naming conventions. Once the Authdomain parameter is known, the developer can have to the table. Also the SAS log (which can be protected) may show the libname statement also.

The administrator (SAS) only should create/modify the libname in Acceptanace.

Are there best pratices within SAS to prevent a developer using a Libname with the appropriate to access the tables in Production?

Thank you for suggestions.

LinusH · Posted 05-10-2017 11:37 AM

You can't base security on having a secret syntax!
Protect the data at the source - hence a login from an unathorized user will be rejected or data that is not for him/her to see will not be visible.

Data never sleeps

hiding Libname ODBC in DI_studio in Production

Re: hiding Libname ODBC in DI_studio in Production

Registration is open