| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: Back and a Question
I did DOD befoer this. I am doing financial now. The federal government actually passed security laws for financial companies as part of Sarbanes-Oxley(SOX). I was told by operations that one of the rules is that development cannot have access to production data. That is a problem for production support when you get data issues. -------------- Original message -------------- From: David Aldridge <david_at_david-aldridge.com>
> In the magical world that is the US Dept of Defence we use DISA's
> "Security Technical Implementation Guide" (STIG), against which
> standards DISA test using various scripts and whatnot.
>
> http://iase.disa.mil/stigs/stig/database-stig-v7r2.pdf
>
> Exceptions are made where justifiable.
>
> Anjo Kolk wrote:
> > So I made it back on the list, I have a question for you all about DB
> > security. There seems to be a lot of talk about DB security, but not a
> > lot of action. Is that true, and if it is true why don't customers act?
> > There are products out there to check for DB security, how are they
> > doing? Does any body on this list use them?
> >
> > Please share your thoughts and comments,
> >
> > --
> > Anjo Kolk
> > Owner and Founder OraPerf Projects
> > tel: +31-577-712000
> > mob: +31-6-55340888
>
> --
> http://www.freelists.org/webpage/oracle-l
>
>
-- http://www.freelists.org/webpage/oracle-lReceived on Tue Aug 15 2006 - 14:29:05 CDT
 |
 |