A-094 - Business Data (Dolibarr)
Purpose
Store and manage business-related information processed by the Dolibarr application.
Asset Type
- Information
Description
- Customer data, invoices, financial records and operational data
- Stored within the Dolibarr database
- Core business information of the lab
Criticality
- Critical
Sensitivity
- Highly Sensitive
Exposure Level
- Restricted
Trust Zone
- Heaven
Dependencies
- Database (A-065)
- Dolibarr application (A-064)
Relationships
- Accessed through Dolibarr application
- Stored in MariaDB database
Security Position (Architecture Context)
- Primary target for data exfiltration or manipulation
- High impact in case of confidentiality or integrity breach
- Central to business-related risk scenarios
Existing Protective Measures
- Access restricted via application layer
- No direct public exposure of database
Owner / Responsibility
- Security Role (Sec)
Notes
- Backup strategy not fully implemented
- Strong dependency on application and database security