Synergetic databases and applications require adequate security configuration through multiple layers of the environment. They main objective of this exercise is to protect the database and system availability to ensure that confidential data is kept private and the system is secured and continually accessible to users who need access. This review focuses on helping to improve system security, however for improved business continuity practices it is recommended to also consider additional options that may provide improved performance, high availability and disaster recovery. The key focus points of this template are for hardening security configuration within a Synergetic environment across the following layers:
- Information Security Management
- Network Security
- Database Security
- Web Server Security
- Application SecurityDatabase
- Supporting Services Security
Refer to Synergetic Data Privacy and Security Information Sheet - Synergetic User Hub - Synergetic Wiki for a top level overview.
...
*R= can be assessed remotely without input from stakeholders - y = YES P=Partially but additional info required from the stakeholders.
...
SUPPORTING SERVICES SECURITY
| Seq | Recommended Controls | Control Reference | R* | Findings | Risk Rating (Critical, High, Medium, Low) |
|---|---|---|---|---|---|
| 1 | If DocMan Import Service is used:
| Synergetic Security - Best Practices | Y | ||
| 2 | Services run under low level domain user account | Synergetic Security - Best Practices | Y |
...