Access control [Mandatory]

• Implement strict access controls to restrict access to authorized personnel only
• Access to a DBMS must apply the principle of least privilege and users and applications should only have the permissions required to achieve their role and purpose