IT Baseline Protection Manual

T 2.41 Poor organisation of the exchange of database users

Where several users of a database share the same workstation, inadvertent or deliberate manipulation of data can result if the changeover between these users is poorly organised or carried out incorrectly. Here too, the confidentiality of the data is no longer guaranteed.

Example:

If an application that accesses a database is not exited correctly before a change of user occurs, the differing authorisation profiles of the users involved give rise to the aforementioned threats. It also subverts the logging function of the database, which records data modifications and other tasks under the active user ID, because this ID no longer corresponds to the user who is actually logged in.
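
The mismatch described in the example can be detected by correlating workstation logon records with the database audit trail. The following check is an added illustration, not part of the manual. It assumes that both sources record the workstation name, and that an administrator maintains a mapping from operating-system accounts to database user IDs; all names and log entries are constructed.

```python
from bisect import bisect_right
from datetime import datetime

# Constructed sample data (not from the original page).
# Workstation session changes: (time, workstation, OS user who became active)
LOGONS = [
    ("2024-03-04 08:00:00", "ws-07", "alice"),
    ("2024-03-04 12:30:00", "ws-07", "bob"),
    ("2024-03-04 09:00:00", "ws-09", "carol"),
]
# Database audit trail: (time, client workstation, database user ID, statement)
AUDIT = [
    ("2024-03-04 08:15:00", "ws-07", "alice", "UPDATE orders"),
    ("2024-03-04 12:41:00", "ws-07", "alice", "DELETE FROM orders"),
    ("2024-03-04 12:55:00", "ws-07", "bob", "SELECT * FROM orders"),
    ("2024-03-04 09:10:00", "ws-09", "carol", "INSERT INTO invoices"),
    ("2024-03-04 07:50:00", "ws-07", "alice", "SELECT 1"),
]
# Assumed mapping of OS accounts to database user IDs.
DB_ID_FOR = {"alice": "alice", "bob": "bob", "carol": "carol"}

def _ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S")

def build_timeline(logons):
    """Group logons per workstation as time-sorted (time, os_user) lists."""
    timeline = {}
    for when, ws, user in logons:
        timeline.setdefault(ws, []).append((_ts(when), user))
    for entries in timeline.values():
        entries.sort()
    return timeline

def active_user(timeline, ws, when):
    """Return the OS user active on ws at 'when', or None if unknown."""
    entries = timeline.get(ws, [])
    idx = bisect_right([t for t, _ in entries], when) - 1
    return entries[idx][1] if idx >= 0 else None

def find_mismatches(logons, audit, db_id_for):
    """Flag audit records whose DB user ID is not that of the active OS user."""
    timeline = build_timeline(logons)
    findings = []
    for when, ws, db_user, stmt in audit:
        os_user = active_user(timeline, ws, _ts(when))
        if db_id_for.get(os_user) != db_user:
            findings.append((when, ws, db_user, os_user, stmt))
    return findings
```

On the sample data, the check flags the DELETE issued under alice's database ID after bob had taken over ws-07, and also the statement logged before any workstation session is known.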


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
 