Applying the principle of least privilege for user management of application databases on the AIMMS Cloud Platform:
- When AIMMS creates an application database for a cloud account, we provide the customer with an ‘admin account’, a highly-privileged account, so that the customer has full control over the database.
- We recommend our customers to only use this account for user management and to create user accounts with limited privileges for other tasks, including the access credentials to include in the AIMMS app.
- We recommend that for each user you carefully limit the privileges you assign to this account to only what is needed to perform the tasks for which the account has been created.
- Finally, we recommend that you perform a periodic review of all database users and their privileges. Are these still up-to-date?
With the above measures you will help reduce information security risks associated with the application database that holds, in most cases sensitive, company data. Meanwhile at AIMMS we are looking at alternatives to usernames and passwords for the access to the application databases by the AIMMS apps.