Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, September 19, 2008

Only 35% Of Oracle Users Continuously Monitor For Suspicious Activity

Oracle and the International Oracle Users Group commissioned Unisphere to survey the user group’s members in July and August and, out of 316 respondents, found 20% anticipated some kind of data security breach over the coming year.  Three out of four acknowledged they do not consider all of their database systems to be “locked down.”  “The breach by an external party tends to be more visible, but internal breaches are more frequent,” said Ian Abramson, president of the IOUG and a database consultant working in Canada.

Abramson said it hasn’t been unusual for him to stumble across views of sensitive data while fulfilling consulting contracts.  More and more, companies are pulling their production data forward into unsecure areas where business partners, outside contractors, consultants, or even customers can see it.

Encryption features generally may be applied to database tables as data is stored in them, and Secure Backup guarantees that only encrypted data flows out to the backup tapes.  “If used fully, these measures reduce serious risks,” said Abramson, but he also acknowledged that Oracle alone can’t cover all areas of security exposure.

Both Oracle and several third parties are making products available that monitor database activity, watching for suspicious activity and alerting managers when someone seems to be attempting unauthorized activity.

http://www.informationweek.com/news/security/app_security/showArticle.jhtml;jsessionid=NHV10EELD1SC4QSNDLPSKH0CJUNN2JVN?articleID=210602800

Posted on 09/19
StatisticsPermalink