Good morning everyone!
I haven't been here in a while, but I have a question that I thought someone here might be able to help with.
When it comes to accessing data from a SQL server, I know the logistics of getting that data through code, no issues there, but is it safe (or rather, smart) to have your application interact directly with the SQL server? As in, not using a middle-man or an additional tier?
I've toyed with N-Tier data applications and I find them highly annoying and complicated as well as convoluted.
I know if you run SQL on a web server, and your website talks to the SQL server, that's fine to do (since outside access to the server isn't needed, your application is the only one that can access the server) but with a desktop application, that's not the case, a user could be in Tokyo and another in Los Angeles all accessing the same database.
I guess I'm asking...if my application connects directly to a SQL server, are there any security issues that I need to be aware of?