You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Decent DBMS should have Security Policies, something like is done in MS Active Directory.
Security Policy consist of a set of Policies: Password Security Policy, Account Security Policy, etc...
Policies define a set of rules rules that should be applied per server/database.
Password Policy include:
a. Password Expiration
b. Password Complexity
c. Minimum Password Length
d. etc...
Account Policy include
a. Account lockout settings (retries, time etc...)
b. etc...
Also woult be nice to apply diffirent set of policies to diffirent roles / security groups (for example accountants should change their password every month, other read only operators every year).
These requirements are present in recent database security standarts, and at least all major audit companies asks for it.
The text was updated successfully, but these errors were encountered:
Submitted by: Marcoci Dorin (marcodor)
Votes: 1
Decent DBMS should have Security Policies, something like is done in MS Active Directory.
Security Policy consist of a set of Policies: Password Security Policy, Account Security Policy, etc...
Policies define a set of rules rules that should be applied per server/database.
Password Policy include:
a. Password Expiration
b. Password Complexity
c. Minimum Password Length
d. etc...
Account Policy include
a. Account lockout settings (retries, time etc...)
b. etc...
Also woult be nice to apply diffirent set of policies to diffirent roles / security groups (for example accountants should change their password every month, other read only operators every year).
These requirements are present in recent database security standarts, and at least all major audit companies asks for it.
The text was updated successfully, but these errors were encountered: