Prevent unauthorized access to data in databases and achieve efficiencies in database consolidation. Adherence to this standard will ensure data consistency, proper management of disaster recovery, backups, point in time recovery processes and application testing.
- Every database will have at least three distinct areas: development, acceptance testing and production.
- Administrative privileges on production and acceptance testing database areas:
- Multi-agency shared infrastructure will be restricted to the agency hosting the database.
- Single agency infrastructure will be restricted to the either the agency hosting the database or the agency's DBA staff.
- Migrating changes from acceptance test to production requires that the agency who owns the data have a formal acceptance testing and sign off process.
- Agency assigned developers will have developer privileges to development database areas.
- Create user privileges on all database areas will be restricted to the database or security administrators.
- Access to system level views of database catalog information will be restricted.
- Migrating changes from development to acceptance test is requested by the agency assigned developers.
- Database scripts which modify database objects will be reviewed, approved, and run on production and acceptance test databases by the database administrators.
- Installation and creation of production, acceptance test and development databases for new systems must be performed by the database administrators.
- User authentication shall utilize the enterprise Microsoft Active Directory if supported by the Database.
- Personnel administering vendor applications that control changes to database objects through the vendor's tool and not scripts will be allowed to apply upgrades to all database areas. Prior to deployment in production, the changes created by the tool must be reviewed to assure that all changes adhere to this standard. In addition, before any changes are made to any database area, backups must be taken for recovery purposes.
Administrative privileges include the administration of a database, database objects and users. These privileges are explained in the following categories:
- Privileges to perform system wide actions that affect the whole database, which in turn can affect recoverability and performance. These privileges allow the administration of database objects such as tablespaces, rollback segments, and control files. They allow users to change database parameters and restrict a database or terminate user sessions.
- Privileges to modify all database objects defined in the database, which may be for multiple agencies and/or multiple applications. These privileges are ones that include the keyword "ANY" which allows access to all objects in a database regardless of who owns them, such as "DROP ANY TABLE".
- Privileges to access all the data and code in a database, which can be for multiple agencies and/or multiple applications. For example using the keyword ANY (SELECT ANY TABLE).
- Privileges to setup database security. For example allowing the creation of users (end users and table owners) in a database, granting object privileges, creating and granting roles, creating profiles, and granting the ability to grant security to another user via the keywords "WITH ADMIN OPTION" and "WITH GRANT OPTION".
Developer privileges include the modification of a specific set of database objects. For example using the commands ALTER, CREATE, and DROP of database objects such as tables, functions, procedures, triggers, views, and roles.
Administrative privileges are not freely given to applications or non-administrative personnel.
This standard applies to all executive branch state agencies including the University Systems Office but excluding other higher education institutions, i.e. campuses and agricultural and research centers.
Statement of Commitment
North Dakota's CIO/CTO directs that IT Policy be created to establish statewide information technology policies and standards as defined within ND Century Code (Chapter 54-59-09).
Non-compliance with this standard shall be reported to the Office of the State Auditor.