Musings on Database Security

Slavik’s Blog

Thursday, January 17th, 2008

Most DBAs do not apply security patches

In a recent survey we conducted, it turned out the DBAs are mostly ignoring security patches. Two thirds of the DBAs have never applied a CPU and only about 10% of them are applying CPUs in a timely fashion. After releasing the survey, we had some interesting responses in online publications [...]

2 Comments » - Posted in Oracle, security by Slavik

---

Thursday, July 5th, 2007

DBAs are not the enemy, but they too need watching

Back after a short and much needed hiatus, I came across this piece by security analyst Eric Ogren on Computerworld’s website. He discusses how DBAs have become public enemy number one because of compliance mandates to exercise segregation of duties, and how this has been blown out of proportion to other, greater risks.
A few days [...]

3 Comments » - Posted in DBA, breach, insider threat, monitoring, security by Slavik

---

• Tags

  bind_variables breach breach-notification compliance conference database-monitoring database-security database_security DBA educational_institutions hedgehog hipaa insider threat insider_threat intrusion monitoring MS SQL Server off-topic Oracle oracle_database_security oracle_security patching PCI Personal personally_identifiable_information pii presentation privacy regulatory-compliance sarbanes-oxley sb1386 security segregation_of_duties social_security_numbers SQL injection sql_injection technical technical tips TJX ukoug universities user identity visa vulnerability webcast

• Categories

  • breach
  • compliance
  • credit cards
  • DBA
  • encryption
  • insider threat
  • Java
  • monitoring
  • MS SQL Server
  • Oracle
  • OUG
  • patching
  • PCI
  • Personal
  • privacy
  • sb1386
  • security
  • SQL injection
  • technical tips
  • TJX
  • Uncategorized
  • universities
  • user identity

• Blogroll

  • Educational Security Incidents (ESI)
  • Julian Dyke
  • Oracle Chemist
  • Pete Finnigan’s Oracle security weblog
  • Peter Swire
  • Phat4Oracle
  • Security Incite
  • Securosis
  • Sentrigo
  • Tanel Poder

• Meta

  • Register
  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org

•  

  August 2008

  M	T	W	T	F	S	S
  « Jun
  				1	2	3
  4	5	6	7	8	9	10
  11	12	13	14	15	16	17
  18	19	20	21	22	23	24
  25	26	27	28	29	30	31

Musings on Database Security is powered by WordPress 2.5.1 and delivered to you in 1.762 seconds using 20 queries.
Theme: Connections Reloaded v1.5 by Ajay D'Souza. Derived from Connections.