Oracle data security tips
Oracle Database Tips by Donald Burleson
Corporations all over the USA are grappling with massive data losses (over 94 million personal records stolen), and Oracle shops everywhere are struggling to protect confidential information from increasingly sophisticated criminal hackers.
I highly recommend the book "Oracle Privacy Security Auditing" for a complete treatment of Oracle data security techniques and auditing mechanisms. See Database Auditing for Risk Management and Regulatory Compliance for details.
Oracle data security software
Oracle is used for some of the most classified military databases with complete confidence, and the vast majority of Oracle data security breaches are related to inappropriate configuration and poor design. Oracle is the most sophisticated database management system on the market, and it offers a wealth of security mechanisms to guarantee data security:
- Single Sign-on (SSO)
- Grant-level security - Either "grant execute" or "grant access" privileges, with encapsulation into roles.
- Virtual Private Database (VPD) security
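The following added example, which is not from the original article, shows grant-level security through a role combined with a VPD policy on one table. The schema HR_APP, its tables and procedure, the role PAY_CLERK and the user SCOTT are hypothetical names chosen for illustration.

```sql
-- Added example; every schema, object, role and user name here is hypothetical.
CREATE TABLE hr_app.emp_pay (
  emp_id  NUMBER PRIMARY KEY,
  dept_id NUMBER NOT NULL,
  salary  NUMBER(10,2)
);
-- Maps a database user (upper case, as SESSION_USER reports it) to one department.
CREATE TABLE hr_app.user_dept (
  username VARCHAR2(128) PRIMARY KEY,
  dept_id  NUMBER NOT NULL
);

-- Definer's-rights procedure: callers need EXECUTE only, never a table grant.
CREATE OR REPLACE PROCEDURE hr_app.raise_salary (
  p_emp_id IN NUMBER, p_amount IN NUMBER
) AS
BEGIN
  UPDATE hr_app.emp_pay SET salary = salary + p_amount WHERE emp_id = p_emp_id;
END;
/

-- Grant-level security: privileges go to a role, and the role goes to users.
CREATE ROLE pay_clerk;
GRANT EXECUTE ON hr_app.raise_salary TO pay_clerk;  -- execute privilege
GRANT SELECT ON hr_app.emp_pay TO pay_clerk;        -- object (access) privilege
GRANT pay_clerk TO scott;

-- VPD policy function: returns the predicate Oracle appends to each statement
-- on EMP_PAY, so every session sees only rows of its mapped department.
CREATE OR REPLACE FUNCTION hr_app.emp_pay_dept_filter (
  p_schema IN VARCHAR2, p_object IN VARCHAR2
) RETURN VARCHAR2 AS
  v_dept hr_app.user_dept.dept_id%TYPE;
BEGIN
  SELECT dept_id INTO v_dept FROM hr_app.user_dept
   WHERE username = SYS_CONTEXT('USERENV', 'SESSION_USER');
  RETURN 'dept_id = ' || TO_CHAR(v_dept);
EXCEPTION
  WHEN NO_DATA_FOUND THEN RETURN '1 = 0';  -- unmapped user: no rows (fail closed)
END;
/

BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema => 'HR_APP', object_name => 'EMP_PAY',
    policy_name => 'EMP_PAY_DEPT_POLICY',
    function_schema => 'HR_APP', policy_function => 'EMP_PAY_DEPT_FILTER',
    statement_types => 'SELECT, UPDATE, DELETE', update_check => TRUE);
END;
/
```

The policy also filters the UPDATE inside RAISE_SALARY, so a clerk cannot change a salary outside the mapped department even through the granted procedure.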
Causes of Oracle data security breaches
It's actually quite rare to find an Oracle data security breach that cannot be attributed to sub-optimal configuration and poor database design. Some of the most common data security mistakes include:
- Inappropriate Data Distribution - When Oracle data is maintained outside the control of the database engine. All secure databases keep the data in a safe centralized location and distribute it according to the data access rules.
- Poor Database Design - It can be a nightmare to enforce security on a poorly designed database, especially systems that allow data downloads onto external software such as MS Excel, etc.
- Incomplete Auditing - A large amount of data theft is the result of unauthorized access by system users.
When we read about Oracle security breaches in the newspapers, we always see data security breaches that are the fault of the DBA and manager, not the Oracle security software. Today, regulatory compliance rules (SOX, HIPAA) provide criminal penalties for management malfeasance, and savvy managers always retain Oracle security auditors to review their data security mechanisms.
BC provides complete Oracle data security assessment and auditing support, an easy way to validate your data security mechanisms.