- Agencies need to understand the risk profile of information they manage and ensure appropriate controls are in place to protect this information. Based on the risk profile of the information, agencies should determine and implement adequate controls over databases and systems to prevent serious exposures that could lead to the compromise of information managed by agencies.
- Specifically, agencies should:
a) use the principle of least privilege and grant only those privileges needed to perform the business requirements of a role. All user accounts (active/locked) should be given strong passwords and set to expire
b) assess, test and deploy vendor security updates in a timely manner to prevent attackers exploiting known security vulnerabilities
c) assess risks with configuration options on the database and determine if it is actually required to be enabled. Locking down privileges and ensuring secure configurations are in place make systems resilient to attackers
d) not use information in production databases in testing or development databases unless the testing or development environments are accredited to the same standard as the production environment
e) place database servers behind network or application level firewalls and only provide access to systems and users that have business requirements to do so
f) further protect databases that store sensitive information using a number of methods such as encryption, virtual private database or data redaction. If live data is to be used for development purposes, it should be disguised so that it cannot be used inappropriately.