 |
|
Estimating the costs of Oracle data exposure
Oracle Tips by Burleson Consulting |
Maintaining Oracle data security is essential, and all Oracle
managers have a fiduciary responsibility to protect confidential
information. The Oracle professional must be aware of the financial risk associated with
inadvertent disclosure of their Oracle data.
Whether it's an external breach
(hacker attack) or internal data management malfeasance (i.e.
using an overseas remote DBA provider), disclosure of
confidential data has expensive consequences, and these costs
can be identified.
Insider job are by far the
greatest area of Oracle data loss, as I recount in my
Oracle hackers horror stories
This
data loss
calculator from Tech/404 notes existing costs for data
breaches and creates a cost calculator for determining the
financial loss from exposure of Oracle data. They base
their cost estimations on existing data loss cases:
| Action Against: |
Potential Class Size: |
Seeking Damages Of*: |
| St. Francis Hospital |
260,000 |
$5,000/pp |
| Verizon |
2,000,000 |
$21,000/pp |
| AOL |
500,000 |
$1,000/pp |
| Veteran's Administration |
260,000 |
$5,000/pp |
Statistically, the majority of
Oracle data loss comes from "inside jobs", disgruntled employees
or unscrupulous foreign outsourcing companies to steal and
re-sell your Oracle data.
Keep your Oracle data inside the
USA
It’s critical to choose a remote
DBA provider within the safety of our strict US data privacy
laws. Laws vary widely between countries, and you must have the
full protection of your countries copyright and data privacy
statutes.
I’ve seen firsthand how choosing a
bargain offshore Oracle remote DBA provider has lead to widespread data theft,
leaving the customer with little or no legal recourse. Many
Oracle shops choose their remote DBA provider within the USA
because of our strict data protection statutes.
I was once called-in to do
emergency support for a company suffering from poor Oracle
performance and discovered a "rootkit" which was regularly
e-mailing the database data to China. Their data loss was
so catastrophic that they went out of business.
According to
news.com, Forrester recently surveyed 28 companies with data
breaches and estimated that such a breach will cost an
organization between $90 and $305 per exposed record, a lot of
money. When the Oracle data is used for identity theft,
the costs skyrocket.
Oracle Data Breach References
To fully understand the risks and exposures arising from Oracle
data exposure, I highly recommend these Oracle data security
books by some of the world's leading Oracle security experts:
 |
If you like Oracle tuning, see the book "Oracle
Tuning: The Definitive Reference", with 950 pages of tuning tips and
scripts.
You can buy it direct from the publisher for 30%-off and get
instant access to the code depot of Oracle tuning scripts. |
|
