Link to home
Start Free TrialLog in
Avatar of Pau Lo
Pau Lo

asked on

Oracle security maintenance and monitoring

I have been asked to identify some best practice "post implementation" (i.e. DB servers in production) routine security maintenance and monitoring tasks that a good DBA should be performing on routine basis. I was thinking along the lines of ensuring latest patches applied, occasional vetting DB level accounts and permissions once per quarter, ensuring no config changes have been made outsid change cotnrol etc. Can you give some pointers on any self audits you do to routinely reverify the security configuration of your Databases, and how often you do such checks.
Avatar of YZlat
YZlat
Flag of United States of America image

enable and configure auditing
ASKER CERTIFIED SOLUTION
Avatar of David VanZandt
David VanZandt
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Pau Lo
Pau Lo

ASKER

I appreciate there are hare hardeninig guides for when building systems, but I was more after what security checks you still need to perform after build stage when its put into production. It cant be a case of build in line with best practice and "set it and forget it".
Many, many directions for that point to be pursued <smiles>.  All systems may be hacked, given sufficient resources.  Perhaps the biggest gap after a breech is to determine not just that data may have been changed, but to validate that no latent bugs were planted.  For example, the users' profiles have a package to control password rules.  During a backup recovery, who checks to confirm that the package hasn't changed?