ECCD-1 Changes to Data
Overview
Access control mechanisms exist to ensure that data is accessed and changed only by authorized personnel.
| MAC / CONF | Impact | Subject Area |
|---|---|---|
| MACIII | Medium | Enclave Computing Environment |
Details
| Threat |
|---|
| Lack of proper access controls would allow unauthorized users to gain access to the system. Â This implementation guide is aimed to help system administrator to implement proper access controls based on user privileges. |
| Guidance |
|---|
| 1. The system, database, and/or application administrators shall create user accounts only upon approval of System Access Request by authorized personnel (e.g., user manager/supervisor/IAM/IAO). 2. The system, database, and/or application administrators shall determine user privileges required to perform their job functions. 3. The system, database, and/or application administrators shall configure the system software (e.g., operating system, database, and application) to which users have access to read or modify data to perform job functions in accordance with DISA STIGs applicable to the software based on the least privileges and need to know. |
References
- CJCSI - Information Assurance (IA) and Computer Network Defense (CND)
- CJCSM 6510.01, Defense-in-Depth: Information Assurance (IA) and Computer Network Defense (CND), 10 August 2004
- DISA Windows NT Security Checklist, 10 December 2004
- DISA Windows 2003 Security Checklist (draft), 10 December 2004
- DISA Unix STIG, 15 September 2003
- DISA UNISYS STIG, 22 July 2003
- DISA Database STIG, Version 7, Release 1, 29 October 2004