Sunday, March 17, 2013

Security, Checklists, Recommendations - Part 3

Dear Readers,

My name is Franz Devantier, creator of this blog. I am an Oracle Certified Professional (OCP DBA 11g) Security DBA. I will be sharing with you the basic duties of an Oracle DBA, and also some of the undocumented and not-so-well-known tasks.

Personnel Checklist
Your security processes and provisions will be upheld or bypassed by your staff. So ultimately your security systems are critically dependent on your staff. Firstly, how honest and trustworthy are your staff? Secondly, how aware and alert are they to security issues in the organization?

To ensure that you have honest and trustworthy people on your staff, it comes back to selection. You need to go back to the interviewing process. Did the HR or interviewing person properly scrutinize and question the person they were interviewing? Was the candidate observed for signs of honesty and dishonesty? Were the references all carefully followed up, with relevant questions to those given as references? Did you use psychometric tests to get a better understanding of the people you were hiring? Either before or after, you would have had to determine if the people have the appropriate technical or management background for the post they are applying for.

Security depends to a large extent on the individuals, the personnel that work for the enterprise. Those people who were not suitable should have been eliminated. Your personnel need to remain focused. If they start to get careless, lazy, or resentful, then your tight security will lessen or disappear altogether. Your carefully planned security measures can be sabotaged, intentionally or unintentionally, allowing security breaches to take place. I have seen many times that there was a severe security breach, but at that time, for various reasons, the security cameras and other security measures were not in operation. Be aware that the security breach can also come from inside your organization, so the selection of staff must be done very carefully, and part of the security must also be to monitor the staff.

You can’t expect your staff to automatically be equipped to support the security infrastructure of your organization. You will need to actively train them on the intricacies of your specific setup, and teach them how to optimize the security. They must know all the procedures that are in place, what happens after there has been a security breach, and how the responsible parties are held accountable. Regular updates to the staff on the relative success of the security measures, changes, etc., will also help. If the right staff have been chosen, then they will more than likely be prepared to help in a positive way with the maintenance of the physical and other security systems in place.

If you get the personnel part of your organization right, then the complete security landscape should look a whole lot better.

Franz Devantier,
Need a database health check, or a security audit?
devantierf@gmail.com
