Shrink Your Sensitive Data Footprint Protecting data is hard. Knowing for sure that you have identified and mitigated every vulnerability takes a lot of work and constant vigilance. The more servers you have to harden, the more databases you have to protect, the more work it is, and the more likely you will leave a hole … Continue reading A Simple Way to Improve Data Security
Read more Add new comment
Discovering Sensitive Data Oracle has long had strong database encryption functionality and it keeps getting better. But they have been lacking a simple way to identify sensitive data in the database so you know what to encrypt, audit or protect via policies. I thought that might have improved recently with the release of a new database … Continue reading Is the Sensitive Data in your Oracle database really safe?
Read more Add new comment
Infoworld today announced that they have been researching a flaw in oracle that can result in the inability to restore your database. Large oracle shops with interconnected databases are most at risk. The problem revolves around oracle’s SCN (system change number). The number has a limit that if exceeded, can render a database unusable, even … Continue reading Critical Oracle Security and Stability Flaw Discovered
Read more Add new comment
Test your Assumptions: Database Backup and Recovery Every now and then something happens that really drives home the need to test and validate the assumptions that we have about the availability of our IT assets. I had an experience this week that brought to mind the importance of testing backup and recovery and business continuity plans. … Continue reading Database Downtime: Prepare For The Unexpected
Read more Add new comment
Enforcing Least Privilege To Enhance Database Security The principle of least privilege refers to the practice of ensuring that each individual has only the privilege and access that is necessary to perform their job function. In most IT shops that run an Oracle database, there are a group of individuals that need administrative access to the operating system and … Continue reading Database Security: Is Your Database Vulnerable To Internal Attack?
Read more Add new comment
As the number of databases moving to public, private and hybrid cloud computing infrastructure increases, security concerns are a significant and growing problem. Organizations will do well to scrutinize the security practices of cloud providers and other third parties that store their data. But wherever databases are running, responsibility for the security and integrity of … Continue reading Database Security Issues in the Cloud, Part 2: Regulatory Compliance
Read more Add new comment
It has been a relatively short time since I wrote my last post on database security but so many breaches have occurred since then that it seems like much longer. In just the past few months, Sony’s gaming system was shut down for two weeks, a nuclear facility in Iran was physically damaged by nefarious code … Continue reading Secure The Database, Inside and Out
Read more Add new comment
When attempting to make their Oracle database as secure as possible, many organizations turn on Oracle’s auditing feature. Oracle has a very robust auditing feature that enables us to log every action taken in the database. We can audit connections, object creation, data updates, deletes, and many other database activities. Some organizations turn on auditing … Continue reading Oracle Security: Oracle’s Audit All Command Doesn’t Really Audit All
Read more Add new comment
Strong Database Security Today’s database systems have sophisticated security mechanisms designed to enable the protection of data and the tracking of the viewing and modification of the data. For example, Oracle has database roles that govern what database objects a user can see and edit. Oracle also has auditing features that enable us to track … Continue reading Bridge the Gap Between Database Security and Application Security
Read more Add new comment
The benefits of cloud computing, including reduced IT ownership and operating costs and improved resource utilization, are just too good for many organizations to pass up. More and more businesses of all sizes are moving a wide range of applications to cloud environments. But database security concerns remain a significant barrier to cloud adoption. When … Continue reading Database Security Issues in the Cloud: Part 1
Read more Add new comment