From: byrocat on 19 Apr 2010 15:21

I can find lots of items that deal with how to change the settings for DB2 databases as "best practices" documents.

What I haven't seen is anything like a best-practices checklist style document for DB2. There are lots for Sybase and MS SQLServer, but can't seem to find any for DB2.

Can someone point me where the documents can be found on the IBM website or elsewhere?

Thanks in advance!

Topics would be:

what privileges to disable that are default settings
what logins are default installation items that should be removed or locked
minimum audit settings
password length and complexity settings (if not using OS-level authentication)
separation of logins along functional lines

E.g., administration of server software, logical access administration, automated processes and applications, regular (flesh) users, secured powerful privileges.

From: Ian on 19 Apr 2010 19:44
On 4/19/10 12:21 PM, byrocat wrote:
> I can find lots of items that deal with how to change the settings for
> DB2 databases as "best practices" documents.
>
> What I haven't seen is anything like a best-practices checklist style
> document for DB2. There are lots for Sybase and MS SQLServer, but
> can't seem to find any for DB2.
>
> Can someone point me where the documents can be found on the IBM
> website or elsewhere?

I'm not sure if there's a "checklist" in this, but it's a good starting point.

http://www.ibm.com/developerworks/data/bestpractices/security/

I have never really liked security checklists because they promote making changes without understanding what the changes do. I've been through security audits where someone followed a checklist, but there were still huge holes because no one actually thought about the implications and whether the checklist was actually complete / valid.

Granted, they are probably better than nothing, but ...