Data security should be at the top of every database administrator’s list of priorities. But traditional hardening of Oracle Database may not be the best way to go about securing your data.
There are three categories of tasks involved in securing Oracle databases. The first is applying the security patches that Oracle releases regularly. These patches come from Oracle itself and plug security vulnerabilities; there is no better workaround than applying them. The second is hardening your databases the traditional way, by setting parameters such as audit_trail=DB and sec_case_sensitive_logon=TRUE, among others. These parameters are detailed in the Center for Internet Security Oracle Baseline Standard and in other Oracle security documents and best practices. Together, these two tasks should take 40% of the time you spend securing data stored in Oracle databases.
The bulk of your work falls under the third category: incorporating security into your database design and application deployment. That means building security into areas such as user account privileges, identity, password management and account management, as well as access design and data permissions.
When you design a more secure database, you need to:
- Identify all the actors or users of your database, including all the people and processes that access your data. This lets you make recommendations about rights and privileges for each user later on, and it makes a security audit of your data and database more efficient and useful.
- Be sure to understand what types of data you have now, as well as how it is currently being secured, or not secured. You can do so by performing a security audit.
- Do a database audit. There are simple audit scripts and tools that you can use to scan your database. These tools should give you plenty of information about your database, including its age, its links and schemas, its patch status and any privilege issues. You would be able to see whether there have been instances of password cracking, and to review account age, profiles, and privilege assignments. You might also want to see how key resources are used and what key parameters are set.
- Create a security policy for your data. Using the information you have from the three steps above, you should be able to come up with a sound data security policy that includes existing standards such as use and access policies, the current security state of your database and the best practices in your industry. It should also outline how you should secure the data.
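The kind of simple audit script described in the list above, as an added example rather than a script from this article or from Four Cornerstone: read-only queries against Oracle's data dictionary covering the two hardening parameters named earlier, account age and profiles, privilege assignments, database links, database age and patch history. It assumes an account with SELECT access to the DBA_* and V$ views; the OK/REVIEW labels and the excluded grantee lists are choices made for this example, and the case-sensitivity parameter is queried under its Oracle name, sec_case_sensitive_logon.

```sql
-- Added example: read-only audit queries, nothing here changes the database.

-- 1. Hardening parameters compared with the values given in the article.
--    audit_trail values beginning with DB (DB or the extended variant) count as OK.
SELECT name, value,
       CASE
         WHEN name = 'audit_trail' AND UPPER(value) LIKE 'DB%' THEN 'OK'
         WHEN name = 'sec_case_sensitive_logon' AND UPPER(value) = 'TRUE' THEN 'OK'
         ELSE 'REVIEW'
       END AS finding
FROM   v$parameter
WHERE  name IN ('audit_trail', 'sec_case_sensitive_logon');

-- 2. Age of the database.
SELECT name, created FROM v$database;

-- 3. Accounts: age, lock/expiry status and assigned profile, oldest first.
SELECT username, account_status, profile, created, expiry_date
FROM   dba_users
ORDER  BY created;

-- 4. Password rules enforced by each profile.
SELECT profile, resource_name, limit
FROM   dba_profiles
WHERE  resource_type = 'PASSWORD'
ORDER  BY profile, resource_name;

-- 5. Privilege assignments worth a second look: "ANY" system privileges
--    and the DBA role held outside the built-in administrative accounts.
SELECT grantee, privilege AS granted, 'system privilege' AS kind
FROM   dba_sys_privs
WHERE  privilege LIKE '%ANY%'
  AND  grantee NOT IN ('SYS', 'SYSTEM', 'DBA')
UNION ALL
SELECT grantee, granted_role, 'role'
FROM   dba_role_privs
WHERE  granted_role = 'DBA'
  AND  grantee NOT IN ('SYS', 'SYSTEM')
ORDER  BY 1, 2;

-- 6. Database links: owner, remote account and target.
SELECT owner, db_link, username, host, created FROM dba_db_links;

-- 7. Patch history recorded in the registry, most recent first.
SELECT action_time, action, version, comments
FROM   dba_registry_history
ORDER  BY action_time DESC;
```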
Did you know that Four Cornerstone offers Oracle consulting in Dallas? This means that you can rely on us when you need to secure your database and your data. Four Cornerstone can help you make your data security concerns a thing of the past. Our team of Oracle certified professionals will come up with the audits and tools that you need to secure your database.