-
Compliance 101 for Oracle DBAs
Nov 25, 2014Reading Time: 2 minutes Regulatory compliance issues are top-of-mind for today’s senior executives. New laws and industry regulations are changing how organizations acquire, store, manage, retain and dispose of data. Every Oracle DBA should be aware of these changes because of their sweeping impacts on the DBA job role. Compliance goes hand-in-hand with security because regulations often mandate that organizations be able to attest or even prove that data—and therefore databases—are secure and controlled. In this context, Oracle DBAs…..
Read more Add new comment -
Database Security: Is Your Database Vulnerable To Internal Attack?
Nov 15, 2011Reading Time: 2 minutes Enforcing Least Privilege To Enhance Database Security The principle of least privilege refers to the practice of ensuring that each individual has only the privilege and access that is necessary to perform their job function. In most IT shops that run an Oracle database, there are a group of individuals that need administrative access to the operating system and the database. These individuals include both operating system administrators and database administrators. In order to ensure Database Security, particularly Oracle Security, it…..
Read more Add new comment -
Database Security Issues in the Cloud, Part 2: Regulatory Compliance
Aug 26, 2011Reading Time: 2 minutes As the number of databases moving to public, private and hybrid cloud computing infrastructure increases, security concerns are a significant and growing problem. Organizations will do well to scrutinize the security practices of cloud providers and other third parties that store their data. But wherever databases are running, responsibility for the security and integrity of data ultimately rests with the organization that owns the data – even when it resides with a service provider. As…..
Read more Add new comment -
Secure The Database, Inside and Out
Jun 9, 2011Reading Time: 2 minutes It has been a relatively short time since I wrote my last post on database security but so many breaches have occurred since then that it seems like much longer. In just the past few months, Sony’s gaming system was shut down for two weeks, a nuclear facility in Iran was physically damaged by nefarious code introduced into the system, the SecureId system at Lockeed Martin was compromised, and google’s mail system was hacked again. The list…..
Read more Add new comment -
Oracle Security: Oracle’s Audit All Command Doesn’t Really Audit All
Mar 17, 2011Reading Time: 2 minutes When attempting to make their Oracle database as secure as possible, many organizations turn on Oracle’s auditing feature. Oracle has a very robust auditing feature that enables us to log every action taken in the database. We can audit connections, object creation, data updates, deletes, and many other database activities. Some organizations turn on auditing in order to comply with regulations or corporate security policy and may not actually review the logs that are produced…..
Read more Add new comment -
Database Security Issues in the Cloud: Part 1
Mar 17, 2011Reading Time: 3 minutes The benefits of cloud computing, including reduced IT ownership and operating costs and improved resource utilization, are just too good for many organizations to pass up. More and more businesses of all sizes are moving a wide range of applications to cloud environments. But database security concerns remain a significant barrier to cloud adoption. When your applications are running on a cloud provider’s infrastructure, the provider is responsible for ensuring that its operations, facilities, network,…..
Read more Add new comment