RE: OT - SarBox paranoia prevention ?

  • From: "David Wendelken" <davewendelken@xxxxxxxxxxxxx>
  • To: <oracle-l@xxxxxxxxxxxxx>
  • Date: Sat, 19 Feb 2005 22:17:13 -0500




Although I was trying to make people laugh, I was also being serious.

I understand that nuclear missile silos take 2 keys that have to be turned
simultaneously by two different people (they are spaced too far apart for
one person).

If they don't want to have a single DBA able to install whatever they want,
then they need two DBAs, each with 1/2 the key (1/2 the password).

And they have to have a way of recovering the passwords if a DBA becomes
"unavailable".
Either the passwords have to be in a lockbox (or two?), or 4 DBAs are
needed.

Any other way won't prevent unauthorized code without collusion on the part
of two people.

If the auditors want that much security, and management is willing to pay
for it, then that's what they have to do.



--
//www.freelists.org/webpage/oracle-l
