Database Security Management

Modified on Thu, 19 Aug, 2021 at 12:06 PM

FAQ-DSM-001

Is Database shared or dedicated?

Yes, Dedicated and united hosting. ZingHR platform follows the model of Software as a Service (SaaS) and it’s hosted on Microsoft Azure Cloud platform. We use united hosting as a default deployment option. 

Private VM hosting are client specific with additional charges

 

 

FAQ-DSM-002

Do server admins/network admins share the roles and responsibilities of DBA?

No, ZingHR has a defined standard access control process for maintaining the confidentiality of data. Access to any system or information is regulated by giving logical access control to authorized users only on a need to know basis as per the access control matrix.

 

 

FAQ-DSM-003

Who all will be having access to Database?

DBA and the Internal IT Team are given access, basis access control matrix.

 

 

FAQ-DSM-004

Will the database for Customer will be separated on separate partition?

Yes, Database servers are shared, data is partitioned by SQL schema in the underlying database. 

Folders are provided to users and managed through barriers and privileges. 

Access to database is possible only via code in a secure manner with proper authentication. Database access is protected against query injections and suspicious activities. No separate services is allowed access within the application.

 

 

FAQ-DSM-005

What is the mode of authentication between application and database?

SQL Authentication with Integrated Security. All authentication credentials and session identifiers/tokens are protected with SSL/TLS technology during transmission and WAF implemented.  

 

 

FAQ-DSM-006

Who all have access PSK for database?

DBA and the Internal IT Team are given access, basis access control matrix.

.  

 

FAQ-DSM-007

How the database server is accessed?

Database Server is securely accessed through IP Sec VPN. DBA and the Internal IT Team are given access, basis access control matrix.

 

 

FAQ-DSM-008

How do you protect all information stored on systems with file system, network share, claims, application, or database specific access control list?

Database servers are shared, data is partitioned by SQL schema in the underlying database.
Folders are provided to users and managed through barriers and privileges.

Access to database is possible only via code in a secure manner with proper authentication. Database access is protected against query injections and suspicious activities. No separate services is allowed access within the application

 

 

FAQ-DSM-009

What is the authentication mode used in Database?

Windows Authentication and SQL Authentication with Integrated Security.

 

 

FAQ-DSM-010

How are orphaned users handled?

Once a month review of orphaned users is done and removed appropriately after due product approval process.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article