19.12.2012 Views

IT Baseline Protection Manual - The Information Warfare Site


Safeguard Catalogue - Hardware & Software

S 4.67 Locking and deleting database accounts which are no longer required

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrators

Database accounts which remain unused over an extended period of time should, if possible, be locked and later deleted. Users of such accounts should be duly informed before these accounts are locked, and at all events before they are deleted.

If a user who is to be newly created only requires a database account for a limited period of time, the account should also be established for a limited period, provided the database offers this possibility. It can prove expedient to establish accounts initially for a limited period and extend their duration at regular intervals (e.g. annually) as required.

If a user of a database is expected to remain absent for an extended period of time (e.g. due to holidays, sick leave, delegation etc.), his database account should be locked for this duration in order to prevent continued use of his ID over this period. The database administrator must be notified of all extended periods of user absence. It is expedient to have this done by the personnel department using standard notifications of absence.

Furthermore, the database administration should be informed as quickly as possible about user departures. The accounts of departing users should be deleted no later than on their last day of work.

Additional controls:

- Do rules on the organisation of temporary database accounts exist, particularly if the database system does not support the creation of such accounts?

- How are checks made as to which database accounts are no longer used?

- Are regular checks made as to which database accounts are no longer required?

- Is the database administration informed about users who are to depart or remain absent for extended periods?
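One way an administrator could automate the regular check described in this safeguard, as an added example that is not part of the manual: a planner that decides, per account, whether to notify, lock, unlock or delete. The `Account` record, the action names and the three thresholds are assumptions (the manual gives no figures), and the output is meant to be mapped onto whatever lock and drop statements the database in use provides.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Assumed thresholds: the manual only says "an extended period of time".
LOCK_AFTER_IDLE = timedelta(days=90)
DELETE_AFTER_LOCK = timedelta(days=180)
NOTICE_PERIOD = timedelta(days=14)

@dataclass
class Account:                          # hypothetical inventory record
    name: str
    last_login: date
    expires: Optional[date] = None      # end of a time-limited account
    absent: Optional[tuple] = None      # (from, until) as reported by personnel
    last_day: Optional[date] = None     # last day of work of a departing user
    notified_on: Optional[date] = None  # user informed of pending lock/deletion
    locked_on: Optional[date] = None
    lock_reason: Optional[str] = None   # "absence", "expired" or "unused"

def plan(a: Account, today: date) -> str:
    """Action due today: delete, lock:<reason>, unlock, notify or keep."""
    if a.last_day and today >= a.last_day:      # departure: gone by last day
        return "delete"
    if a.absent and a.absent[0] <= today <= a.absent[1]:
        return "keep" if a.locked_on else "lock:absence"
    if a.lock_reason == "absence":              # user is back: lift the lock
        return "unlock"
    if a.expires and today > a.expires:         # limited period not extended
        return "keep" if a.locked_on else "lock:expired"
    # Do not count a reported absence as idle time.
    idle_since = max(a.last_login, a.absent[1]) if a.absent else a.last_login
    if today - idle_since < LOCK_AFTER_IDLE:
        return "keep"
    if a.notified_on is None:                   # inform before lock or delete
        return "notify"
    if a.locked_on is None:
        return "lock:unused" if today - a.notified_on >= NOTICE_PERIOD else "keep"
    return "delete" if today - a.locked_on >= DELETE_AFTER_LOCK else "keep"

# Constructed sample inventory, reviewed as of 2024-06-01.
SAMPLE = [
    Account("bob", date(2024, 1, 1)),
    Account("carol", date(2024, 1, 1), notified_on=date(2024, 5, 10)),
    Account("erin", date(2024, 5, 1), absent=(date(2024, 5, 15), date(2024, 6, 30))),
]

def review(accounts, today):
    return {a.name: plan(a, today) for a in accounts}
```

An account that was locked without the user having been informed is never returned as `delete`; the planner returns `notify` first, which matches the requirement that users are informed at all events before deletion.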


IT-Baseline Protection Manual: October 2000
