Steps to Mitigate Database Security Worst Practices

Posted by Troy Kitch on Oracle Blogs See other posts from Oracle Blogs or by Troy Kitch
Published on Fri, 10 Dec 2010 15:57:52 -0800 Indexed on 2010/12/12 6:24 UTC
Read the original article Hit count: 999

Filed under:

Database Security

|

top 6

|

Webcast

|

worst practices

The recent Top 6 Database Security Worst Practices webcast revealed the Top 6, and a bonus 7th , database security worst practices:

Privileged user "all access pass"

Allow application bypass

Minimal and inconsistent monitoring/auditing

Not securing application data from OS-level user

No SQL injection defense

Sensitive data in non-production environments

Not securing complete database environment

These practices are uncovered in the 2010 IOUG Data Security Survey. As part of the webcast we looked at each one of these practices and how you can mitigate them with the Oracle Defense-in-Depth approach to database security. There's a lot of additional information to glean from the webcast, so I encourage you to check it out here and see how your organization measures up.

© Oracle Blogs or respective owner

Related posts about Database Security

sudo apt-get update errors

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Here is what I get on my terminal when running sudo apt-get update errors. I dont know if the issue is from my sources.list or my proxy setup(have not made any changes to proxies). Thank you for any help in advanced. Ign http://security.ubuntu.com oneiric-security Release.gpg Ign http://security… >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Devx - Search for 'Devx'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Internet.com - Search for 'Internet.com'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
SQL SERVER Retrieve and Explore Database Backup without Restoring Database Idera virtual database

as seen on Dot net Slackers - Search for 'Dot net Slackers'
I recently downloaded Ideras SQL virtual database, and tested it. There are a few things about this tool which caught my attention.My ScenarioIt is quite common in real life that sometimes observing or retrieving older data is necessary; however, it had changed as time passed by. The full database… >>> More
StackOverFlowError while creating Mac object on AS400/Java

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am a newbie to AS400-Java programming. I am trying to create my first program to test the implementation of Message Authentication Code (MAC). I am trying to use the HMACSHA1 hash function. My (Java 1.4) program runs fine on a dev box (V5R4).But fails terribly on the QA box (V5R3). My… >>> More

Related posts about top 6

Twitter Bootstrap styling conflicts with plug-ins like jqGrid and other third part libraries

as seen on Geeks with Blogs - Search for 'Geeks with Blogs'
Issues:The concern is that the Twitter Bootstrap framework is that some of their css selectors are simply too generic and have incompatibility issues and conflicts with most third party plug-ins and css libraries, like jQuery-UI and jqGrid.My most pressing concern is only with the generic selector… >>> More
Planning Database as a Service Implementation Project

as seen on Oracle Blogs - Search for 'Oracle Blogs'
People, process and planning are the three key elements to success in a private cloud journey. Some common questions i hear from field/customers often relates to tasks involved in setting up Database-as-a-Service(DBaaS) using Oracle Enterprise Manager 12c from scratch and how these tasks are mapped… >>> More
SQL SERVER – Performance Comparison – INSERT TOP (N) INTO Table – Using Top with INSERT

as seen on SQL Authority - Search for 'SQL Authority'
Recently I wrote about SQL SERVER – INSERT TOP (N) INTO Table – Using Top with INSERT I mentioned about how TOP works with INSERT. I have mentioned that I will write about the performance in next article. Here is the performance comparison of the two options. It is clear that performance of the Insert… >>> More
SQL SERVER – INSERT TOP (N) INTO Table – Using Top with INSERT

as seen on SQL Authority - Search for 'SQL Authority'
During my recent training at one of the clients, I was asked regarding the enhancement in TOP clause. When I demonstrated my script regarding how TOP works along with INSERT, one of the attendees suggested that I should also write about this script on my blog. Let me share this with all of you and… >>> More
Top SEO Tips to Let Your Site Top the Charts

as seen on Ezine Articles - Search for 'Ezine Articles'
If you are someone looking for ways to popularize your site, you are in the right track. This article will teach you how to make your site literally come out on tops on the search lists of leading search engines. Using the top SEO tips discussed here, you can find your site zoom up the search lists… >>> More