Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: OT: percent of DBAs that know how to impletement database security measures

Re: OT: percent of DBAs that know how to impletement database security measures

From: John D Parker <orclwzrd_at_yahoo.com>
Date: Tue, 4 Apr 2006 14:12:00 -0700 (PDT)
Message-ID: <20060404211200.28371.qmail@web32601.mail.mud.yahoo.com> 





How about how many companies have a clue when some auditor tells them XXX is not secure and you need to do XXX to secure it.



I just lost a client becaust they are getting PCI certified and they decided that as a third party working on their system I must be certified also or not touch it. A quick review of the PCI standards I found out on the web had no such restriction...



I've won several usability battles with the nice auditors, for some reason they won't take the oncall pager along with the sys, system and oracle passwords... So they hand the whole thing back and go away.



John


former security team member...




Paul Drake <bdbafh_at_gmail.com> wrote: A little piece of email today told me the following:



"... a full 60 percent of DBAs do not know how to implement database security  measures, according to Forrester Research".



Does that figure seem to be:






Inquring minds want to know.


Personally, I think that the phrase lacks the term "properly", as in "properly implement database security measures". 
"shutdown abort" or "lsnrctl stop" would be examples of "improperly implement database security measures".



Paul

 

                




Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls.  Great rates starting at 1&cent;/min.

--
http://www.freelists.org/webpage/oracle-l


Received on Tue Apr 04 2006 - 16:12:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US