UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The designer will ensure the application has a capability to display the user’s time and date of the last change in data content.


Overview

Finding ID Version Rule ID IA Controls Severity
V-16818 APP3670 SV-17818r1_rule ECCD-2 Medium
Description
Without access control mechanisms in place, the data is not secure. The time and date display of data content change provides an indication that the data may have been accessed by unauthorized persons, and It may have been compromised, misused, or changed.
STIG Date
Application Security and Development Checklist 2014-01-07

Details

Check Text ( C-17817r1_chk )
Ask the application representative to demonstrate how the application provides the users of time and date of the last change in data content. This may be demonstrated in application logs, audit logs, or database tables and logs.

1) If the application representative cannot demonstrate the above, this is a finding.
Fix Text (F-17230r1_fix)
Implement transaction logs recording access and changes to the data.