Re: How to Limit OEM12c user access
- From: Dba DBA <oracledbaquestions@xxxxxxxxx>
- To: ORACLE-L <oracle-l@xxxxxxxxxxxxx>
- Date: Thu, 9 Aug 2012 16:45:02 -0400
The kinds of requirements are all too common from managers and security
people. I have a requirement that first name, last name, and email address
cannot be in the same table because that is PII data. We also have a
requirement that these 3 fields need to be unique. Don't bother asking me
why. I don't have access to security people. I have had these discussions
with security people before at other companies and it generally comes down
to a generic 'best practice' or some other nonsensical 2 word answers
basically summed up to 'because I said so'. Security guys will not be
challenged because if something happens and something gets stolen, there is
finger pointing and you don't want to be in the line of fire for the blame
game even if what you challenged has nothing to do with what got stolen. So
there is a lot of 'add rules so I can't be blamed'. I was on a government
project and the government brought in some security auditors from Ernst and
Young. There were a bunch of 23-24 year olds right out of college billed at
$200+/hour that were just reading off a checklist.
you might want to open a ticket with oracle, there may be some backdoor
way to restrict access.
--
//www.freelists.org/webpage/oracle-l
Other related posts: