Should I Use a Separate SQL Server Instance for a Database with PII?
We build software which needs a SQL SERVER database. This database will hold private user information such as addresses and bank details.
My question is: Should I install my database in a fresh SQL Server instance, or can I use an existing instance?
If the existing database has strong security controls, then there’s no reason to have a separate one. However, if there are not strong controls on the existing database, and setting up strong security controls is not possible, then you will need to have a separate database to better protect the data.