IT Baseline Protection Manual - The Information Warfare Site

Other IT Components Telecommuting
_________________________________________________________________________________________
It is advisable to install the database server in a separate server room. The appropriate measures are
described in Chapter 4.3.2. If an office is used simultaneously as a server room, the safeguards
described in Chapter 4.3.1 must also be implemented.
If the database server is installed in a protective cabinet, also refer to Chapter 4.4 Protective Cabinets.
The following essential steps must also be taken for databases:
1. Determining the requirements to be fulfilled by the database software.
First prepare a requirements catalogue to allow the selection of a suitable standard database
software (S 2.80 and S 2.124).
2. Training administrators
Before the database software is used in a productive environment, the responsible administrators
must be trained (S 3.11). If possible, this should be done before procuring the software package.
3. Design a database concept
Before using the database software, design a database concept which describes the installation and
configuration of the database software, the suitable concept for database users and their access
rights, as well as the application-specific database. Depending on the capacity and environment of
the database as well as the selected standard database software, such a concept can be very
extensive (S 2.125, S 2.128, S 2.129 and S 2.126).
4. Operating the database
Commissioning and operation of the database include the implementation of the database concept,
as well as continuous monitoring of the DBMS in order to ensure the availability, data integrity and
protection of confidential data. The most important safeguards here concern documentation (S
2.25, S 2.31, S 2.34), administration (S 2.130, S 2.133) and utilisation of the database.
5. Contingency planning
In addition to the general safeguards relating to this topic, it is important to consider databasespecific
circumstances in order to keep data losses and recovery times within reasonable limits in
the event of a system crash or database crash. (S 6.32, S 6.49, S 6.50).
The safeguard package for databases is listed in the following:
_________________________________________________________________________________________
IT-Baseline Protection Manual: Otober 2000