nd.gov - The Official Portal for North Dakota State Government
North Dakota: Legendary. Follow the trail of legends

Enterprise Database Security

Policy Code: 
DIT003-06.1
Effective Date: 
May 15, 2006
Revision Number: 
1

Purpose

Prevent unauthorized access to data in databases and achieve efficiencies in database consolidation. Adherence to this standard will ensure data consistency, proper management of disaster recovery, backups, point in time recovery processes and application testing.

Standard

  1. Every database will have at least three distinct areas: development, acceptance testing and production.
  2. Administrative privileges on production and acceptance testing database areas:
    • Multi-agency shared infrastructure will be restricted to the agency hosting the database.
    • Single agency infrastructure will be restricted to the either the agency hosting the database or the agency’s DBA staff.
  3. Migrating changes from acceptance test to production requires that the agency who owns the data have a formal acceptance testing and sign off process.
  4. Agency assigned developers will have developer privileges to development database areas.
  5. Create user privileges on all database areas will be restricted to the database or security administrators.
  6. Access to system level views of database catalog information will be restricted.
  7. Migrating changes from development to acceptance test is requested by the agency assigned developers.
  8. Database scripts which modify database objects will be reviewed, approved, and run on production and acceptance test databases by the database administrators.
  9. Installation and creation of production, acceptance test and development databases for new systems must be performed by the database administrators.
  10. User authentication shall utilize the enterprise Microsoft Active Directory if supported by the Database.
  11. Personnel administering vendor applications that control changes to database objects through the vendor's tool and not scripts will be allowed to apply upgrades to all database areas. Prior to deployment in production, the changes created by the tool must be reviewed to assure that all changes adhere to this standard. In addition, before any changes are made to any database area, backups must be taken for recovery purposes.

Policy

     Administrative privileges are not freely given to applications or non-administrative personnel.

Applicability

This standard applies to all executive branch state agencies excluding the University Systems Office and other higher education institutions, i.e campuses and agricultural and research centers.

Definition

Administrative Privileges:
Administrative privileges include the administration of a database, database objects and users.  These privileges are explained in the following categories:
  • Privileges to perform system wide actions that affect the whole database, which in turn can affect recoverability and performance. These privileges allow the administration of database objects such as tablespaces, rollback segments, and control files. They allow users to change database parameters and restrict a database or terminate user sessions.
  • Privileges to modify all database objects defined in the database, which may be for multiple agencies and/or multiple applications. These privileges are ones that include the keyword "ANY" which allows access to all objects in a database regardless of who owns them, such as “DROP ANY TABLE”.
  • Privileges to access all the data and code in a database, which can be for multiple agencies and/or multiple applications. For example using the keyword ANY (SELECT ANY TABLE).
  • Privileges to setup database security. For example allowing the creation of users (end users and table owners) in a database, granting object privileges, creating and granting roles, creating profiles, and granting the ability to grant security to another user via the keywords “WITH ADMIN OPTION” and “WITH GRANT OPTION”.
Developer Privileges:
Developer privileges include the modification of a specific set of database objects.  For example using the commands ALTER, CREATE, and DROP of database objects such as tables, functions, procedures, triggers, views, and roles.

Guidance

  1. Database Security Best Practices

Non-Compliance

Non-compliance with this standard shall be reported to the Office of the State Auditor.

Version Control: 
This is a new standard.

Drafted By

EA Domain Team for Data/Information

 

What Our Customers Are Saying

The ITD team did a excellent job...thank you so much.

Bank of North Dakota
April 18, 2013
 
 

Copyright © 2013 North Dakota Information Technology Department - ITD
Download Adobe Reader to view, print and collaborate on PDF files.