IT Baseline Protection Manual S 2.128 Controlling access to a database system

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrators

The database software must possess suitable mechanisms for user identification and authentication in order to ensure effective access control (refer to S 2.132 Provisions for configuring database users / user groups).

In general, standard users must be denied access to production databases via an interactive SQL interpreter. It should only be possible to access such databases indirectly via the corresponding applications. Database IDs for administrative purposes constitute the only exception here.

Remote access to databases must be severely restricted. Unless remote access is absolutely necessary, it must be prohibited. Otherwise, remote access should only be granted to users who actually require it. Other users must not be allowed to obtain remote access independently. On no account must remote access be possible without the entry of a valid user ID and password.
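One way to check the remote-access requirements above against a concrete configuration, as an added example that is not part of the manual. It assumes PostgreSQL (the manual names no product) and audits a constructed `pg_hba.conf`; the function names and the 256-address threshold are illustrative assumptions.

```python
import ipaddress

# Constructed sample pg_hba.conf (PostgreSQL client-authentication rules).
SAMPLE_HBA = """\
# TYPE  DATABASE  USER      ADDRESS         METHOD
local   all       postgres                  peer
host    all       all       0.0.0.0/0       trust
host    orders    app_rw    10.0.5.17/32    scram-sha-256
hostssl all       dba_anna  10.0.9.0/24     scram-sha-256
host    orders    all       10.0.0.0/8      md5
"""

# Rule types that accept TCP/IP (remote) connections.
REMOTE_TYPES = {"host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}
NO_PASSWORD = {"trust"}  # admits the client without asking for any credential


def _network(addr):
    """Parse an address field; None for host names and keywords such as 'all'."""
    try:
        return ipaddress.ip_network(addr, strict=False)
    except ValueError:
        return None


def audit_hba(text, max_hosts=256):
    """Return (line_no, finding) tuples for remote rules that conflict with S 2.128."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # simplification: no quoted '#'
        if len(fields) < 5 or fields[0] not in REMOTE_TYPES:
            continue  # blank line, comment, or local-socket rule
        _type, _db, user, addr, *rest = fields
        if len(rest) > 1 and _network(rest[0]) is not None:
            addr, rest = f"{addr}/{rest[0]}", rest[1:]  # "ADDRESS MASK" form
        method, net = rest[0], _network(addr)
        if method in NO_PASSWORD:
            findings.append((no, "remote access without a password"))
        if user == "all":
            findings.append((no, "remote access not limited to named users"))
        if addr == "all" or (net is not None and net.num_addresses > max_hosts):
            findings.append((no, "client address range too broad"))
    return findings


if __name__ == "__main__":
    for line_no, finding in audit_hba(SAMPLE_HBA):
        print(f"line {line_no}: {finding}")
```
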

Additional controls:


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
July 1999