Access to sensitive data should be restricted to authorized users identified by the Information Owner.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15630 DG0122-SQLServer9 SV-24307r1_rule ECAN-1 Medium
Description
Unauthorized access to sensitive data can lead to unauthorized disclosure or modification, or to a loss of accountability. Access to sensitive data that is granted without being restricted at all levels based on job function may be exploited regardless of attempts to control it. An example of this is a web application that serves general users but accesses sensitive data in a backend database using an account with elevated privileges. This provides a means for the web application user to exploit the application to gain unauthorized access to data in the database. Where the user never has access to a path with excess privileges, unauthorized access is more difficult to gain.
STIG Date
Microsoft SQL Server 2005 Database Security Technical Implementation Guide 2015-06-16

Details

Check Text (C-13833r1_chk)
If no data is identified as being sensitive or classified by the Information Owner, in the System Security Plan or in the AIS Functional Architecture documentation, this check is Not a Finding.

If no identified sensitive or classified data requires encryption by the Information Owner in the System Security Plan and/or AIS Functional Architecture documentation, this check is Not a Finding.

Review privilege assignments to sensitive data stored in the database.

Compare assigned privileges to those that are authorized in the System Security Plan.

If unauthorized access is granted or sensitive data access requirements are not documented, this is a Finding.
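
One way to carry out the review and comparison steps above in T-SQL, as an added example that is not part of the STIG text: it lists explicit object-level grants on the sensitive objects that have no matching System Security Plan entry. The principal, schema and object names are constructed placeholders to be replaced with the entries from your own SSP.

```sql
-- Constructed sample: principal/object/permission tuples authorized in the SSP.
-- All names are placeholders. INSERT ... SELECT ... UNION ALL is used because
-- SQL Server 2005 does not support multi-row VALUES.
DECLARE @authorized TABLE (
    principal_name  sysname,
    schema_name     sysname,
    object_name     sysname,
    permission_name nvarchar(128)
);

INSERT INTO @authorized (principal_name, schema_name, object_name, permission_name)
SELECT N'hr_payroll_role', N'hr', N'employee_ssn', N'SELECT'
UNION ALL
SELECT N'hr_payroll_role', N'hr', N'employee_ssn', N'UPDATE';

-- Explicit grants on the listed sensitive objects that the SSP does not authorize.
SELECT
    pr.name            AS grantee,
    pr.type_desc       AS grantee_type,
    s.name             AS schema_name,
    o.name             AS object_name,
    pe.permission_name,
    pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals  AS pr ON pr.principal_id = pe.grantee_principal_id
JOIN sys.objects              AS o  ON o.object_id     = pe.major_id
JOIN sys.schemas              AS s  ON s.schema_id     = o.schema_id
LEFT JOIN @authorized         AS a
       ON a.principal_name  = pr.name
      AND a.schema_name     = s.name
      AND a.object_name     = o.name
      -- catalog view uses a fixed collation; align it with the table variable
      AND a.permission_name = pe.permission_name COLLATE DATABASE_DEFAULT
WHERE pe.class = 1                             -- object- or column-level permission
  AND pe.state IN ('G', 'W')                   -- GRANT or GRANT WITH GRANT OPTION
  AND EXISTS (SELECT 1 FROM @authorized AS x   -- only objects the SSP lists as sensitive
              WHERE x.schema_name = s.name AND x.object_name = o.name)
  AND a.principal_name IS NULL                 -- no SSP entry covers this grant
ORDER BY s.name, o.name, pr.name, pe.permission_name;
```

Any row returned is a grant to compare against the System Security Plan. The query covers explicit object-level grants only; access inherited through schema- or database-scoped permissions, role membership (sys.database_role_members) or server-level roles needs a separate review.
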
Fix Text (F-23498r1_fix)
Have the Information Owner identify all sensitive data stored in the database specified in the System Security Plan.

Define job functions and sensitive data access requirements for the job functions and include them in the System Security Plan.

Assign only authorized users for job functions.