The Top Five Challenges In Securing Oracle Databases

The Top Five Challenges In Securing Oracle Databases
The Top Five Challenges In Securing Oracle Databases

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

By Adrian Lane
Contributing Writer
Nov 23, 2010

[Excerpted from "Database Security: Oracle Offers New Tools To Counter 
Threats," a new report posted this week on Dark Reading's Database 
Security Tech Center.]

It=E2=80=99s not easy to secure any relational database, let alone one as 
enormous and feature-rich as Oracle. The product=E2=80=99s massive and diverse 
deployments and legacy installations make it virtually impossible to 
identify and defend against every potential threat. Its connectivity to 
Web apps brings open-source and third-party variables into the mix, 
making the end-user organization even more vulnerable.

However, it is possible to tame the Oracle beast, especially with some 
new tools the company recently launched. Let's take a look at some of 
the security challenges Oracle database users face, and some of the 
methods of handling them.

Challenge 1: Patching

In the past, Oracle was terrible about creating timely patches for 
vulnerabilities brought to its attention. Highly publicized 
vulnerability disclosures and customer outcries have altered the 
company=E2=80=99s approach. Oracle still lags in meaningful disclosure of 
vulnerability risks, and it certainly does not communicate risk in a 
language its customers understand, nor does it typically provide 
workarounds. Nevertheless, it does release security patches in a much 
timelier fashion than it did just a couple of years ago.

But any Oracle DBA will tell you installation of Oracle patches is 
difficult, especially since systems often require rebooting after 
patching; the database is a hub around which many business functions 


Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure. 

Site design & layout copyright © 1986-2014 CodeGods