Abstract
Attempting to secure an Oracle database by using just a checklist is a flawed idea. I say this even after creating some of the checklists that exist. I wrote the SANS Security Consensus Operational Readiness Evaluation (SCORE) checklist and the SANS Step-by-Step guide, and my step-by-step guide was used as the basis for the Centre for Internet Security benchmark version 1. So I speak with authority. Using checklists per se is not flawed; the measures and details in them are still useful and if followed will in general result in a more hardened database than if you didn’t follow the steps in them. But imagine that you download the CIS benchmark version 3; hundreds of pages and an even bigger number of checks are included. If you diligently sit down and follow and apply all recommendations, you would most likely be looking at man years of effort to complete all the checks. But after all of that effort, would your credit card data be secure? No! Why is that?
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Rights and permissions
Copyright information
© 2010 Melanie Caffrey, Pete Finnigan, Randolf Geist, Alex Gorbachev, Tim Gorman, Connie Green, Charles Hooper, Jonathan Lewis, Niall Litchfield, Karen Morton, Robyn Sands, Jože Senegačnik, Uri Shaft, Riyaj Shamsudeen, Jeremiah Wilton, Graham Wood
About this chapter
Cite this chapter
Finnigan, P. (2010). Securing Data. In: Expert Oracle Practices. Apress. https://doi.org/10.1007/978-1-4302-2669-7_15
Download citation
DOI: https://doi.org/10.1007/978-1-4302-2669-7_15
Publisher Name: Apress
Print ISBN: 978-1-4302-2668-0
Online ISBN: 978-1-4302-2669-7
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books