Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: percent of DBAs that know how to implement database security measures

RE: percent of DBAs that know how to implement database security measures

From: Coleman, Kelley (HAC) <Kelley.Coleman_at_va.gov>
Date: Tue, 4 Apr 2006 14:59:26 -0600
Message-ID: <FA94A8C58E32ED41B749787F4DB158C469B9A6@VHAV19MSGA2.v19.med.va.gov> 





I don't know about the percentage, but I can tell you my own
experiences.  It has been difficult for me to feel I have a complete
understanding of the 'big picture'.

 



Where are the holes? What are the potential impacts? What concrete
migration steps can I take? How can I test it?

 



The research I did was like one of those treasure hunts we did as
kids...here's one clue.......oh, here's another one ....  Only thing is,
I haven't found the treasure yet! I did come across one fairly decent
document from Oracle on hardening the database.  I did most of those
steps. Even then, I didn't always know 'why' I was doing something.  And
then, what about my Application Servers?  It's been a source of
frustration, but also a fairly decent learning experience.

 






From: oracle-l-bounce_at_freelists.org


[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Murching, Bob
Sent: Tuesday, April 04, 2006 2:48 PM


To: 'bdbafh_at_gmail.com'; 'Oracle-L_at_Freelists'
Subject: RE: percent of DBAs that know how to impletement database
security measures

 



Well, the trick to properly implementing security measures is to tailor
said measures to the company's unique environment--its users, its
projects and the data being managed.  Can 40% of DBAs establish the
appropriate set of security standards?  My answer would be that less
than 10% are ever given the choice.  I believe that "one size fits all"
is a dangerous approach to IT security, but so long as that mentality is
in place, *nobody* is going to be able to *properly* implement any
security measures.

 






From: Paul Drake [mailto:bdbafh_at_gmail.com] 
Sent: Tuesday, April 04, 2006 4:34 PM


To: Oracle-L_at_Freelists


Subject: OT: percent of DBAs that know how to impletement database
security measures



A little piece of email today told me the following:



"... a full 60 percent of DBAs do not know how to implement database
security measures, according to Forrester Research".



Does that figure seem to be:






Inquring minds want to know.


Personally, I think that the phrase lacks the term "properly", as in
"properly implement database security measures". 
"shutdown abort" or "lsnrctl stop" would be examples of "improperly
implement database security measures".



Paul



--
http://www.freelists.org/webpage/oracle-l


Received on Tue Apr 04 2006 - 15:59:26 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US