Restricting Access
Steps to restrict database access within an organization:
- Implement separation of duties (SOD), which is a preventive control.
- Establish test and production environments, which is a preventive control.
- Restrict user account and database administrator access, which is a preventive control.
- Turn on audit trails, monitoring software, or exception reports, which are detective controls.
Elements to restrict include:
- Data access (Successful/Failed Selects)
- Data Changes (Insert, Update, Delete)
- System Access (Successful/Failed Logins; User/Role/Permissions/Password changes)
- Privileged User Activity (All)
- Schema Changes (Create/Drop/Alter Tables, Columns, Fields)
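
The sketch below shows how audit-trail records could be sorted into the five element categories above and reduced to an exception report. It is an added example, not part of the original page. The record layout, the category names, and the exception policy (failures, unmapped statements, and privileged users touching data) are assumptions made for illustration.

```python
# Constructed audit records (not from a real system); the field names are assumptions.
SAMPLE_EVENTS = [
    {"user": "app_ro", "privileged": False, "ok": True,  "event": "SELECT * FROM orders"},
    {"user": "app_ro", "privileged": False, "ok": False, "event": "SELECT * FROM payroll"},
    {"user": "app_rw", "privileged": False, "ok": True,  "event": "UPDATE orders SET status = 'paid'"},
    {"user": "jdoe",   "privileged": False, "ok": False, "event": "LOGIN"},
    {"user": "dba1",   "privileged": True,  "ok": True,  "event": "GRANT SELECT ON payroll TO app_ro"},
    {"user": "dba1",   "privileged": True,  "ok": True,  "event": "ALTER TABLE orders ADD COLUMN note TEXT"},
    {"user": "dba1",   "privileged": True,  "ok": True,  "event": "SELECT * FROM payroll"},
    {"user": "app_rw", "privileged": False, "ok": True,  "event": "TRUNCATE TABLE orders"},
]

# Leading keyword of the event -> audit category from the list above.
CATEGORIES = {
    "SELECT": "data_access",
    "INSERT": "data_change", "UPDATE": "data_change", "DELETE": "data_change",
    "LOGIN": "system_access", "GRANT": "system_access", "REVOKE": "system_access",
    "CREATE": "schema_change", "DROP": "schema_change", "ALTER": "schema_change",
}

def classify(rec):
    """Return the set of audit categories one record belongs to."""
    words = rec["event"].upper().split()
    verb = words[0] if words else ""
    obj = words[1] if len(words) > 1 else ""
    if verb in ("CREATE", "ALTER", "DROP") and obj in ("USER", "ROLE"):
        cats = {"system_access"}         # user/role change, not a schema change
    else:
        cats = {CATEGORIES.get(verb, "uncategorized")}
    if rec["privileged"]:
        cats.add("privileged_activity")  # all privileged activity is tracked
    return cats

def exception_report(records):
    """Assumed policy: report failures, unmapped statements, privileged data use."""
    report = []
    for rec in records:
        cats = classify(rec)
        reasons = []
        if not rec["ok"]:
            reasons.append("failed")
        if "uncategorized" in cats:      # never drop what the map does not know
            reasons.append("uncategorized")
        if "privileged_activity" in cats and cats & {"data_access", "data_change"}:
            reasons.append("privileged user touched data")
        if reasons:
            report.append((rec["user"], rec["event"], reasons))
    return report
```

The unmapped `TRUNCATE` statement lands in the report as `uncategorized` instead of being dropped, so a gap in the category map shows up as an exception.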