6.3.1 Review Organization's Policies Against Db2 RCAC Policies

Information

Db2 Row and Column Access Control (RCAC) policies control access to Db2 tables. They should match the organization's security and database access policies, and they should be regularly reviewed for gaps.

Rationale:

Missing, incomplete, or incorrect Db2 RCAC policies will increase the risks to the organization's protected data and will prevent efforts to monitor, alert, and respond to these risks in the future.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Create RCAC policies for each 'gap' listed from the Audit procedure.

Review the newly created Db2 RCAC policy against the organization's written policies.

Default Value:

Not installed

See Also

https://workbench.cisecurity.org/benchmarks/10752

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: IBM_DB2DB

Control ID: 7dc1f0268f5889c7e54ba6f4e2d9896c3e6bdb7fb8a6353c541acd74e5f61953