[ISN] The Top Five Challenges In Securing Oracle Databases

From: InfoSec News <alerts_at_private>
Date: Wed, 24 Nov 2010 04:14:13 -0600 (CST)

By Adrian Lane
Contributing Writer
Nov 23, 2010

[Excerpted from "Database Security: Oracle Offers New Tools To Counter 
Threats," a new report posted this week on Dark Reading's Database 
Security Tech Center.]

It’s not easy to secure any relational database, let alone one as 
enormous and feature-rich as Oracle. The product’s massive and diverse 
deployments and legacy installations make it virtually impossible to 
identify and defend against every potential threat. Its connectivity to 
Web apps brings open-source and third-party variables into the mix, 
making the end-user organization even more vulnerable.

However, it is possible to tame the Oracle beast, especially with some 
new tools the company recently launched. Let's take a look at some of 
the security challenges Oracle database users face, and some of the 
methods of handling them.

Challenge 1: Patching

In the past, Oracle was terrible about creating timely patches for 
vulnerabilities brought to its attention. Highly publicized 
vulnerability disclosures and customer outcries have altered the 
company’s approach. Oracle still lags in meaningful disclosure of 
vulnerability risks, and it certainly does not communicate risk in a 
language its customers understand, nor does it typically provide 
workarounds. Nevertheless, it does release security patches in a much 
timelier fashion than it did just a couple of years ago.

But any Oracle DBA will tell you installation of Oracle patches is 
difficult, especially since systems often require rebooting after 
patching; the database is a hub around which many business functions 


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Wed Nov 24 2010 - 02:14:13 PST

This archive was generated by hypermail 2.2.0 : Wed Nov 24 2010 - 02:17:49 PST