Company owns an ERP oracle database(A). Vendor have installed another product on oracle database(B).
B requires data from staging tables in A on-demand or real time. B also requires to push data into staging table frequently.
Company has got 24*7 support from Vendor. But access is given on case-to-case basis to the vendor to support this database.
What is best practice to enable data exchange? Currently, a database link from Vendor Database to company database is created? Can the vendor exploit the database link to hack into company database?