Critical Oracle Security and Stability Flaw Discovered
Infoworld today announced that they have been researching a flaw in oracle that can result in the inability to restore your database. Large oracle shops with interconnected databases are most at risk. The problem revolves around oracle’s SCN (system change number). The number has a limit that if exceeded, can render a database unusable, even […]
Database Security: Is Your Database Vulnerable To Internal Attack?
Enforcing Least Privilege To Enhance Database Security The principle of least privilege refers to the practice of ensuring that each individual has only the privilege and access that is necessary to perform their job function. In most IT shops that run an Oracle database, there are a group of individuals that need administrative access to the operating system and […]
Database Security Issues in the Cloud, Part 2: Regulatory Compliance
As the number of databases moving to public, private and hybrid cloud computing infrastructure increases, security concerns are a significant and growing problem. Organizations will do well to scrutinize the security practices of cloud providers and other third parties that store their data. But wherever databases are running, responsibility for the security and integrity of […]
Secure The Database, Inside and Out
It has been a relatively short time since I wrote my last post on database security but so many breaches have occurred since then that it seems like much longer. In just the past few months, Sony’s gaming system was shut down for two weeks, a nuclear facility in Iran was physically damaged by nefarious code […]
Bridge the Gap Between Database Security and Application Security
Strong Database Security Today’s database systems have sophisticated security mechanisms designed to enable the protection of data and the tracking of the viewing and modification of the data. For example, Oracle has database roles that govern what database objects a user can see and edit. Oracle also has auditing features that enable us to track […]
Oracle Security: Oracle’s Audit All Command Doesn’t Really Audit All
When attempting to make their Oracle database as secure as possible, many organizations turn on Oracle’s auditing feature. Oracle has a very robust auditing feature that enables us to log every action taken in the database. We can audit connections, object creation, data updates, deletes, and many other database activities. Some organizations turn on auditing […]
Database Security Issues in the Cloud: Part 1
Cloud Database Security Issues And Challenges The benefits of cloud computing, including reduced IT ownership and operating costs and improved resource utilization, are just too good for many organizations to pass up. More and more businesses of all sizes are moving a wide range of applications to cloud environments. But database security concerns remain a […]
Remove that Clutter: The Annual Database Security Audit and Cleanup
As the New Year begins, many of us take the beginning of a new calendar year as a cue to to clean out and shred our old files and reorganize our storage spaces so that we have room for all the new supplies and equipment we will need in the new year. We do this […]
Oracle Security — Data Masking using Enterprise Manager
Database administrators often have to provide test data sets to developers, QA teams, or UAT teams. This can be done manually creating test data sets, which can take a very long time especially when the goal is to stress test a new system and a large amount of data is required. An alternative approach often taken by […]
