[ISN] Oracle CEO Touts Security Plans

From: InfoSec News (isn@private)
Date: Thu Sep 22 2005 - 22:42:23 PDT


http://www.internetnews.com/bus-news/article.php/3550651

By David Needle 
September 21, 2005 

SAN FRANCISCO -- With all the fervor of a sold-out rock concert,
thousands of Oracle faithful packed the Moscone Center here at the
Oracle Open World conference to hear CEO Larry Ellison's keynote.  
Earlier on Monday, Oracle co-president Charles Phillips kicked off the
event with a major announcement of the database giant's plans to work
with IBM on compatibility between their respective middleware
offerings, Oracle's Project Fusion and IBM's WebSphere.

Ellison didn't have any blockbuster announcements to make, but he kept
the attendees' attention riveted, covering a wide range of topics from
Oracle's recent high-profile acquisitions to business intelligence and
security. And, of course, a few digs at rival Microsoft, a staple of
almost any Ellison speech.

With Oracle's acceptance of WebSphere, Ellison did little to quell
speculation the company would also support IBM's DB2 database on its
Fusion middleware. It's an important issue, given that Oracle has
inherited a huge number of DB2 users via acquisitions such as
PeopleSoft, Retek and Siebel.

"We will make a decision after a long careful process," said Ellison.  
He added that Oracle is talking to PeopleSoft customers and others
about whether their priorities are portability or the extra security
and performance he thinks they'd get by migrating to Oracle database
software. "Right now it's a coin toss [as to what Oracle will do],"  
said Ellison.

Addressing one controversy head-on, Ellison disputed an assertion by
Marc Benioff, CEO of CRM on-demand provider Salesforce.com, that
Oracle would kill its recently acquired Siebel OnDemand CRM offering
because it runs on rival IBM's DB2 database. He noted that Oracle also
recently acquired Retek, whose software for retailers also runs on
DB2, and the company has no plans to kill that.

"We're very comfortable with a multiple database strategy, if that's
what customers want, and we plan to support Siebel OnDemand," Ellison
said.

Security was a big theme of Ellison's remarks, which were followed by
about an hour of Q& A with the audience. He said there is a debate
within Oracle over whether the company should allow non-encrypted
backups of Oracle database files. "If I lose a DVD with customer
files, someone can read it and use that information," said Ellison.  
"No one wants that liability. I say no (to allowing non-encrypted
backups)."

He further warned that Internet growth, along with new technologies
like VoIP, are increasing security risks. "As you move more
information over the public Internet and let more employee access
systems from home over the Internet and from branch offices, your
security risks are increasing," Ellison noted.

Among other initiatives, he said Oracle will be very focused on
intrusion detection technology and strategies, as well as identity
management. "Security is a number-one issue today, and it will be one,
two and three tomorrow," he said.

As for VOIP, Ellison warned that companies need to be careful in their
implementation of the Internet phone call technology which he said
allows "malicious people" to shut down or intrude on a company's voice
network.

He tweaked Microsoft's Bill Gates for once saying his company was
going to devote special focus to security for the month of February.  
"Our first client was the CIA, and our second client was the National
Security Agency. That was 25 years ago. We've been working on security
since day one," said Ellison. He further claimed the last time an
Oracle database was broken into was 15 years ago, versus the 45
minutes he said it took for someone to break into Microsoft's first
version of its Passport online ordering system.

Another area Ellison touched on was business intelligence software,
which he said is a huge improvement over the systems many businesses
use today. Ellison said BI software should, for example, let a user
know how much making a certain purchase puts him or her over the
capital budget. Or, when a salesperson changes a sales forecast, it
should let him or her see the change in ranking against peers.

A favorite BI application of his in use at Oracle reveals how well its
engineers are doing by comparing whether service requests are going up
faster than sales. "It's much more effective if information is coming
from the market rather than from a manager," said Ellison.

Asked about his next acquisition, following the multi-billion purchase
of Siebel, Ellison said he has nothing planned. He reiterated a point
he made over five years ago that the Internet is probably the last
technology architecture, and he added that Oracle is focused on
implementing service-oriented architectures (SOA). "I'm not sure what
comes after SOA," said Ellison. "This visionary is very much in the
present."



_________________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org 



This archive was generated by hypermail 2.1.3 : Thu Sep 22 2005 - 23:04:48 PDT