Wednesday, March 20, 2013

Security, Policies and Tips - Part 1

Dear Readers,

My name is Franz Devantier, creator of this blog. I am an Oracle Certified Professional (OCP DBA 11g) Security DBA. I will be sharing with you the basic duties of an Oracle DBA, and also some of the undocumented and not so well known tasks.

Security policy is a very broad subject. It should cover regular backups and storing them offsite; however, unencrypted backups stored offsite are a potential security breach, so you should consider encrypting your backups. A backup made from an encrypted database is by default unencrypted. However, if you encrypt your backups using password encryption and subsequently lose the password, the backup is rendered unusable. So another policy should be to store passwords in a central repository, either digital or physical.

Consider narrowing your tables with sensitive data. You can do this by restricting every kind of access to the sensitive columns except the authorized access method through the application. Only the non-sensitive data in a table row can then be readily accessed.
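One way to narrow a table as described above in Oracle, given as an added example that is not from the original post. The schema HR_APP, the table, the roles and the package are constructed names; Oracle has no column-level SELECT grant, so a view and a definer's-rights package carry the restriction.

```sql
-- Constructed sample table: national_id and salary are the sensitive columns.
CREATE TABLE hr_app.employees (
  emp_id      NUMBER        PRIMARY KEY,
  full_name   VARCHAR2(100) NOT NULL,
  department  VARCHAR2(50),
  national_id VARCHAR2(20),
  salary      NUMBER(10,2)
);

-- Narrowed view: only the non-sensitive columns of each row.
CREATE OR REPLACE VIEW hr_app.employees_public AS
  SELECT emp_id, full_name, department
  FROM   hr_app.employees;

-- General users get the view, never the base table.
CREATE ROLE hr_reader;
GRANT SELECT ON hr_app.employees_public TO hr_reader;

-- Authorized application path: the package runs with the owner's rights,
-- so callers need EXECUTE only and no privilege on hr_app.employees.
CREATE OR REPLACE PACKAGE hr_app.payroll_api AUTHID DEFINER AS
  FUNCTION get_salary(p_emp_id IN NUMBER) RETURN NUMBER;
END payroll_api;
/
CREATE OR REPLACE PACKAGE BODY hr_app.payroll_api AS
  FUNCTION get_salary(p_emp_id IN NUMBER) RETURN NUMBER IS
    v_salary hr_app.employees.salary%TYPE;
  BEGIN
    SELECT salary INTO v_salary
    FROM   hr_app.employees
    WHERE  emp_id = p_emp_id;
    RETURN v_salary;
  END get_salary;
END payroll_api;
/
CREATE ROLE payroll_app;
GRANT EXECUTE ON hr_app.payroll_api TO payroll_app;

-- Record direct reads of the base table (needs the AUDIT_TRAIL parameter set).
AUDIT SELECT ON hr_app.employees BY ACCESS;

-- Check: this should list no grantee other than those you expect.
SELECT grantee, privilege
FROM   dba_tab_privs
WHERE  owner = 'HR_APP' AND table_name = 'EMPLOYEES';
```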

From an overview perspective, you could divide security policies into the following areas.
· Overview or introduction to various security policies
· Application design practices that can reduce risks
· Security threats and countermeasures
   o Procedural measures, which could include requiring data centre employees to wear security badges
   o Background checks and security clearances on key personnel
   o Physical measures, which could include having the computer equipment installed in restricted access facilities
   o Technical measures, which could include strong authentication to access critical business systems
· Choosing the right countermeasure or combination of countermeasures to combat security threats

To counter the threat of a disgruntled employee damaging key computer equipment, you could put in place physical measures by keeping the equipment in restricted access facilities.  From a procedural perspective you can schedule regular backups.  From a personnel perspective you can do background checks on key employees.  From a technical perspective, you can require secure authentication to connect to the computer, and use audit trails to record everything that is done and by whom.

 Franz Devantier,
Need a database health check, or a security audit?
devantierf@gmail.com
