diff --git a/common/taskana-common-data/src/main/resources/sql/clear/clear-db.sql b/common/taskana-common-data/src/main/resources/sql/clear/clear-db.sql
index 0875435eb..e5f491917 100644
--- a/common/taskana-common-data/src/main/resources/sql/clear/clear-db.sql
+++ b/common/taskana-common-data/src/main/resources/sql/clear/clear-db.sql
@@ -13,4 +13,5 @@ DELETE FROM CLASSIFICATION;
 DELETE FROM OBJECT_REFERENCE;
 DELETE FROM SCHEDULED_JOB;
 DELETE FROM USER_INFO;
+INSERT INTO CONFIGURATION (NAME) VALUES ('MASTER');
 COMMIT;
diff --git a/common/taskana-common/src/main/resources/sql/db2/taskana-schema-db2.sql b/common/taskana-common/src/main/resources/sql/db2/taskana-schema-db2.sql
index 7150f2794..a62abc9e0 100644
--- a/common/taskana-common/src/main/resources/sql/db2/taskana-schema-db2.sql
+++ b/common/taskana-common/src/main/resources/sql/db2/taskana-schema-db2.sql
@@ -188,10 +188,13 @@ CREATE TABLE ATTACHMENT(
 );
 
 CREATE TABLE CONFIGURATION (
-    ENFORCE_SECURITY BOOLEAN NOT NULL,
+    NAME VARCHAR(8) NOT NULL,
+    ENFORCE_SECURITY BOOLEAN NULL,
     CUSTOM_ATTRIBUTES CLOB NULL
 );
 
+INSERT INTO CONFIGURATION (NAME) VALUES ('MASTER');
+
 CREATE TABLE TASK_COMMENT(
     ID VARCHAR(40) NOT NULL,
     TASK_ID VARCHAR(40) NOT NULL,
diff --git a/common/taskana-common/src/main/resources/sql/db2/taskana_schema_update_4.8.0_to_4.11.0_db2.sql b/common/taskana-common/src/main/resources/sql/db2/taskana_schema_update_4.8.0_to_4.11.0_db2.sql
index 78a5ea717..a98cc0b2b 100644
--- a/common/taskana-common/src/main/resources/sql/db2/taskana_schema_update_4.8.0_to_4.11.0_db2.sql
+++ b/common/taskana-common/src/main/resources/sql/db2/taskana_schema_update_4.8.0_to_4.11.0_db2.sql
@@ -4,6 +4,10 @@ SET SCHEMA %schemaName%;
 
 INSERT INTO TASKANA_SCHEMA_VERSION (VERSION, CREATED) VALUES ('4.11.0', CURRENT_TIMESTAMP);
 
+ALTER TABLE CONFIGURATION ADD COLUMN NAME VARCHAR(8) NOT NULL DEFAULT 'MASTER';
+ALTER TABLE CONFIGURATION ALTER COLUMN ENFORCE_SECURITY DROP NOT NULL;
+ALTER TABLE CONFIGURATION ALTER COLUMN NAME DROP DEFAULT;
+
 UPDATE TASK SET CUSTOM_1 = '' WHERE CUSTOM_1 IS NULL;
 UPDATE TASK SET CUSTOM_2 = '' WHERE CUSTOM_2 IS NULL;
 UPDATE TASK SET CUSTOM_3 = '' WHERE CUSTOM_3 IS NULL;
diff --git a/common/taskana-common/src/main/resources/sql/h2/taskana-schema-h2.sql b/common/taskana-common/src/main/resources/sql/h2/taskana-schema-h2.sql
index 1df98a34f..f79d0009e 100644
--- a/common/taskana-common/src/main/resources/sql/h2/taskana-schema-h2.sql
+++ b/common/taskana-common/src/main/resources/sql/h2/taskana-schema-h2.sql
@@ -307,10 +307,12 @@ CREATE TABLE CLASSIFICATION_HISTORY_EVENT
 );
 
 CREATE TABLE CONFIGURATION (
-    ENFORCE_SECURITY BOOLEAN NOT NULL,
+    NAME VARCHAR(8) NOT NULL,
+    ENFORCE_SECURITY BOOLEAN NULL,
     CUSTOM_ATTRIBUTES CLOB NULL
 );
 
+INSERT INTO CONFIGURATION (NAME) VALUES ('MASTER');
 
 CREATE TABLE USER_INFO (
     USER_ID                     VARCHAR(32)     NOT NULL,
diff --git a/common/taskana-common/src/main/resources/sql/h2/taskana_schema_update_4.8.0_to_4.11.0_h2.sql b/common/taskana-common/src/main/resources/sql/h2/taskana_schema_update_4.8.0_to_4.11.0_h2.sql
index fd1f46c33..d4d2bc0f2 100644
--- a/common/taskana-common/src/main/resources/sql/h2/taskana_schema_update_4.8.0_to_4.11.0_h2.sql
+++ b/common/taskana-common/src/main/resources/sql/h2/taskana_schema_update_4.8.0_to_4.11.0_h2.sql
@@ -2,6 +2,10 @@
 
 INSERT INTO TASKANA_SCHEMA_VERSION (VERSION, CREATED) VALUES ('4.11.0', CURRENT_TIMESTAMP);
 
+ALTER TABLE CONFIGURATION ADD COLUMN NAME VARCHAR(8) NOT NULL DEFAULT 'MASTER';
+ALTER TABLE CONFIGURATION ALTER COLUMN ENFORCE_SECURITY DROP NOT NULL;
+ALTER TABLE CONFIGURATION ALTER COLUMN NAME DROP DEFAULT;
+
 UPDATE TASK SET CUSTOM_1 = '' WHERE CUSTOM_1 IS NULL;
 UPDATE TASK SET CUSTOM_2 = '' WHERE CUSTOM_2 IS NULL;
 UPDATE TASK SET CUSTOM_3 = '' WHERE CUSTOM_3 IS NULL;
diff --git a/common/taskana-common/src/main/resources/sql/postgres/taskana-schema-postgres.sql b/common/taskana-common/src/main/resources/sql/postgres/taskana-schema-postgres.sql
index 8cdfe9f59..499aaf463 100644
--- a/common/taskana-common/src/main/resources/sql/postgres/taskana-schema-postgres.sql
+++ b/common/taskana-common/src/main/resources/sql/postgres/taskana-schema-postgres.sql
@@ -302,10 +302,13 @@ CREATE TABLE CLASSIFICATION_HISTORY_EVENT
 );
 
 CREATE TABLE CONFIGURATION (
-    ENFORCE_SECURITY BOOLEAN NOT NULL,
+    NAME VARCHAR(8) NOT NULL,
+    ENFORCE_SECURITY BOOLEAN NULL,
     CUSTOM_ATTRIBUTES TEXT NULL
 );
 
+INSERT INTO CONFIGURATION (NAME) VALUES ('MASTER');
+
 
 CREATE TABLE USER_INFO (
     USER_ID                     VARCHAR(32)     NOT NULL,
diff --git a/common/taskana-common/src/main/resources/sql/postgres/taskana_schema_update_4.8.0_to_4.11.0_postgres.sql b/common/taskana-common/src/main/resources/sql/postgres/taskana_schema_update_4.8.0_to_4.11.0_postgres.sql
index 5811e0fa8..7d5a27378 100644
--- a/common/taskana-common/src/main/resources/sql/postgres/taskana_schema_update_4.8.0_to_4.11.0_postgres.sql
+++ b/common/taskana-common/src/main/resources/sql/postgres/taskana_schema_update_4.8.0_to_4.11.0_postgres.sql
@@ -4,6 +4,10 @@ SET search_path = %schemaName%;
 
 INSERT INTO TASKANA_SCHEMA_VERSION (VERSION, CREATED) VALUES ('4.11.0', CURRENT_TIMESTAMP);
 
+ALTER TABLE CONFIGURATION ADD COLUMN NAME VARCHAR(8) NOT NULL DEFAULT 'MASTER';
+ALTER TABLE CONFIGURATION ALTER COLUMN ENFORCE_SECURITY DROP NOT NULL;
+ALTER TABLE CONFIGURATION ALTER COLUMN NAME DROP DEFAULT;
+
 UPDATE TASK SET CUSTOM_1 = '' WHERE CUSTOM_1 IS NULL;
 UPDATE TASK SET CUSTOM_2 = '' WHERE CUSTOM_2 IS NULL;
 UPDATE TASK SET CUSTOM_3 = '' WHERE CUSTOM_3 IS NULL;
diff --git a/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationMapper.java b/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationMapper.java
index 105319d5c..05ff073f9 100644
--- a/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationMapper.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationMapper.java
@@ -1,17 +1,22 @@
 package pro.taskana.common.internal;
 
 import java.util.Map;
-import org.apache.ibatis.annotations.Insert;
 import org.apache.ibatis.annotations.Param;
 import org.apache.ibatis.annotations.Select;
 import org.apache.ibatis.annotations.Update;
 
 public interface ConfigurationMapper {
 
-  @Select("SELECT ENFORCE_SECURITY FROM CONFIGURATION")
-  Boolean isSecurityEnabled();
+  @Select(
+      "<script> SELECT ENFORCE_SECURITY FROM CONFIGURATION "
+          + "<if test='lockForUpdate == true'>"
+          + "FETCH FIRST ROW ONLY FOR UPDATE "
+          + "<if test=\"_databaseId == 'db2'\">WITH RS USE AND KEEP UPDATE LOCKS </if> "
+          + "</if>"
+          + "</script>")
+  Boolean isSecurityEnabled(boolean lockForUpdate);
 
-  @Insert("INSERT INTO CONFIGURATION(ENFORCE_SECURITY) VALUES (#{securityEnabled})")
+  @Update("UPDATE CONFIGURATION SET ENFORCE_SECURITY = #{securityEnabled} WHERE NAME = 'MASTER'")
   void setSecurityEnabled(@Param("securityEnabled") boolean securityEnabled);
 
   @Select(
@@ -23,6 +28,6 @@ public interface ConfigurationMapper {
           + "</script>")
   Map<String, Object> getAllCustomAttributes(boolean lockForUpdate);
 
-  @Update("UPDATE CONFIGURATION SET CUSTOM_ATTRIBUTES = #{customAttributes}")
+  @Update("UPDATE CONFIGURATION SET CUSTOM_ATTRIBUTES = #{customAttributes} WHERE NAME = 'MASTER'")
   void setAllCustomAttributes(@Param("customAttributes") Map<String, ?> customAttributes);
 }
diff --git a/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationServiceImpl.java b/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationServiceImpl.java
index 6b6ecc817..90fc5e91d 100644
--- a/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationServiceImpl.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationServiceImpl.java
@@ -27,16 +27,10 @@ public class ConfigurationServiceImpl implements ConfigurationService {
 
   public void checkSecureAccess(boolean securityEnabled) {
     Boolean isSecurityEnabled =
-        internalTaskanaEngine.executeInDatabaseConnection(mapper::isSecurityEnabled);
+        internalTaskanaEngine.executeInDatabaseConnection(() -> mapper.isSecurityEnabled(false));
 
     if (isSecurityEnabled == null) {
-      if (LOGGER.isDebugEnabled()) {
-        LOGGER.debug("Security-mode is not yet set. Setting security flag to {}", securityEnabled);
-      }
-      mapper.setSecurityEnabled(securityEnabled);
-      if (LOGGER.isDebugEnabled()) {
-        LOGGER.debug("Successfully set security mode to {}", securityEnabled);
-      }
+      initializeSecurityEnabled(securityEnabled);
     } else if (isSecurityEnabled && !securityEnabled) {
       LOGGER.error("Tried to start TASKANA in unsecured mode while secured mode is enforced!");
       throw new SystemException("Secured TASKANA mode is enforced, can't start in unsecured mode");
@@ -73,6 +67,25 @@ public class ConfigurationServiceImpl implements ConfigurationService {
     return Optional.ofNullable(getAllCustomAttributes().get(attribute));
   }
 
+  private void initializeSecurityEnabled(boolean securityEnabled) {
+
+    if (LOGGER.isDebugEnabled()) {
+      LOGGER.debug("Security-mode is not yet set. Setting security flag to {}", securityEnabled);
+    }
+    Boolean isStillSecurityEnabled = mapper.isSecurityEnabled(true);
+    if (isStillSecurityEnabled == null) {
+      mapper.setSecurityEnabled(securityEnabled);
+      isStillSecurityEnabled = Boolean.valueOf(securityEnabled);
+      if (LOGGER.isDebugEnabled()) {
+        LOGGER.debug("Successfully set security mode to {}", securityEnabled);
+      }
+    }
+    if (isStillSecurityEnabled && !securityEnabled) {
+      LOGGER.error("Tried to start TASKANA in unsecured mode while secured mode is enforced!");
+      throw new SystemException("Secured TASKANA mode is enforced, can't start in unsecured mode");
+    }
+  }
+
   private Map<String, Object> generateDefaultCustomAttributes() throws IOException {
     JSONObject jsonObject =
         new JSONObject(
diff --git a/lib/taskana-core/src/test/java/acceptance/config/TaskanaSecurityConfigAccTest.java b/lib/taskana-core/src/test/java/acceptance/config/TaskanaSecurityConfigAccTest.java
index 7a2641bba..a3d40cbfd 100644
--- a/lib/taskana-core/src/test/java/acceptance/config/TaskanaSecurityConfigAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/config/TaskanaSecurityConfigAccTest.java
@@ -88,13 +88,19 @@ class TaskanaSecurityConfigAccTest {
 
       String selectSecurityFlagSql =
           String.format(
-              "SELECT ENFORCE_SECURITY FROM %s.CONFIGURATION", DataSourceGenerator.getSchemaName());
+              "SELECT ENFORCE_SECURITY FROM %s.CONFIGURATION WHERE NAME = 'MASTER'",
+              DataSourceGenerator.getSchemaName());
 
       Statement statement = connection.createStatement();
       ResultSet resultSet = statement.executeQuery(selectSecurityFlagSql);
 
       if (resultSet.next()) {
-        return resultSet.getBoolean(1);
+        Boolean securityEnabled = resultSet.getBoolean(1);
+        if (resultSet.wasNull()) {
+          return null;
+        } else {
+          return securityEnabled;
+        }
       }
       statement.close();
       return null;
@@ -107,7 +113,7 @@ class TaskanaSecurityConfigAccTest {
 
       String sql =
           String.format(
-              "INSERT INTO %s.CONFIGURATION (ENFORCE_SECURITY) VALUES (%b)",
+              "UPDATE %s.CONFIGURATION SET ENFORCE_SECURITY = %b WHERE NAME = 'MASTER'",
               DataSourceGenerator.getSchemaName(), securityFlag);
 
       Statement statement = connection.createStatement();