?
Solved

Top Level Oracle RDBMS Security

Posted on 2013-05-22
2
Medium Priority
?
443 Views
Last Modified: 2013-06-07
1) Aside from:
- applying the latest security patches,
-ensuring you enforce strong passwords and password policies (non default passwords for DB accounts),
- assign only the appropriate permissions to those database accounts,
- ensure the database files are only accessible on the hosting server by the appropriate admin,

What other security best practices are there (specific to the oracle database product not the hosting OS) that should be considered?


2) Where exactly can you see where the RMAN backup is being written to?
0
Comment
Question by:pma111
2 Comments
 
LVL 11

Accepted Solution

by:
mohammadzahid earned 1000 total points
ID: 39189400
set dictionary accessibility parameter to setting that can only get viewed by DBA.
I think parameter is o7_dictionary_accessibility (look up Oracle documentation on setting parameters)
0
 
LVL 23

Assisted Solution

by:David
David earned 1000 total points
ID: 39189477
My contribution would be to ensure all personally identifiable information (PII) was identified, and encrypted, wherever the data was at rest:  in a tablespace, file system, dump file, backup file, etc.  Don't forget to protect (or preferably eliminate) storage of reports and data extractions that are in clear text.

Then, secondarily, go after the PII data in motion:  networks, devices, etc.

You would do well to look into the DoD standards and templates for evaluating a system.  There are checklists which can show levels of severity, so that I can persuade my accountant what must be focused upon.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes has been used since a very long time as an e-mail client and is very popular because of it's unmatched security. In this article we are going to learn about  RRV Bucket corruption and understand various methods to Fix "RRV Bucket Corrupt…
MSSQL DB-maintenance also needs implementation of multiple activities. However, unprecedented errors can hamper the database management. In that case, deploying Stellar SQL Database Toolkit ensures fast and accurate database and backup repair as wel…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question