As a SentryOne MSP, we have multiple different customers, each with their own SQL Server targets, and each with their own monitoring service, site, and Windows account used for their respective monitoring services.
Assuming that we install the SentryOne monitoring service in the customer's own network / environment, and such a customer has administrative control over the Windows Accounts, they would usually have knowledge of the username and password used by the SentryOne monitoring service.
As such, they would theoretically be able to connect to our central SentryOne repository, where there's also data collected from all of our other customers.
Long story short, as long as someone has direct access to the SQLSentry database, regardless of which account they're using and regardless of what role-based permissions they have, that would mean they have access to data belonging to ALL sites and targets.
The solution? Implement Row-Level Security in SQL Server databases that support it. For more details:
https://docs.microsoft.com/en-us/sql/t-sql/statements/create-security-policy-transact-sql
The predicate function would use the internal SQLSentry tables to check whether the currently connected login has access to view the data in each table.
I see that there are several built-in table functions in the SQLSentry database responsible for checking user rights.
For example, [Security].[GetRightsForActiveUser] (@ObjectRightID int)
I believe it should be fairly simple to define row-level security policies using such functions.
