C-004 - Data Access Restriction
Objective
Ensure that access to sensitive business data is restricted to authorized users and services only.
Type
Preventive
Scope
- Dolibarr
- MariaDB database
Implementation
- Authentication enforcement
- Database access restriction (network + credentials)
- Separation of application and database access
Related Risks
Validation
- Access control testing
- Review of database access configuration
Status
Planned
Owner
Ops