• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 448
  • Last Modified:

Top Level Oracle RDBMS Security

1) Aside from:
- applying the latest security patches,
-ensuring you enforce strong passwords and password policies (non default passwords for DB accounts),
- assign only the appropriate permissions to those database accounts,
- ensure the database files are only accessible on the hosting server by the appropriate admin,

What other security best practices are there (specific to the oracle database product not the hosting OS) that should be considered?


2) Where exactly can you see where the RMAN backup is being written to?
0
pma111
Asked:
pma111
2 Solutions
 
mohammadzahidCommented:
set dictionary accessibility parameter to setting that can only get viewed by DBA.
I think parameter is o7_dictionary_accessibility (look up Oracle documentation on setting parameters)
0
 
DavidSenior Oracle Database AdministratorCommented:
My contribution would be to ensure all personally identifiable information (PII) was identified, and encrypted, wherever the data was at rest:  in a tablespace, file system, dump file, backup file, etc.  Don't forget to protect (or preferably eliminate) storage of reports and data extractions that are in clear text.

Then, secondarily, go after the PII data in motion:  networks, devices, etc.

You would do well to look into the DoD standards and templates for evaluating a system.  There are checklists which can show levels of severity, so that I can persuade my accountant what must be focused upon.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now