An error occurred:

Oracle Database 11g Instance STIG Version Comparison

Oracle Database 11g Instance STIG

Comparison

There are 1 differences between versions v8 r19 (Jan. 27, 2017) (the "left" version) and v9 r1 (Oct. 27, 2021) (the "right" version).

Check DG0076-ORACLE11 was changed between these two versions. Green, underlined text was added, red, struck-out text was removed.

The regular view of the left check and right check may be easier to read.

Text Differences

Title

Sensitive information from production database exports should must be modified after before import to a development database.

Check Content

If the database being reviewed is a production database, this check is Not not a Finding. Review finding. Review policy, procedures procedures, and restrictions for data imports of production data containing sensitive information into development databases. If data imports of production data are allowed, review procedures for protecting any sensitive data included in production exports. If sensitive data is included in the exports and no procedures are in place to remove or modify the data to render it not sensitive prior to import into a development database or policy and procedures are not in place to ensure authorization of development personnel to access sensitive information contained in production data, this is a Finding. finding.

Discussion

Data export from production databases may include sensitive data. Application developers do not have a need to know to for sensitive data. Any access they may have to production data would be considered unauthorized access and subject the sensitive data to unlawful or unauthorized disclosure. See DODD 8500.1 for a definition of Sensitive Information.

Fix

Develop, document document, and implement policy, procedures procedures, and restrictions for production data import. Require any users assigned privileges that allow the export of production data from the database to acknowledge understanding of import policies, procedures procedures, and restrictions. Restrict permissions of development personnel requiring use or access to production data imported into development databases containing sensitive information to authorized users. Implement policy and procedures to modify or remove sensitive information in production exports prior to import into development databases.