I have to agree with Matthew, this conversation has run it's course. Baring
any followups from Chris, I'm not sure there's anything left to discuss.
Looking back at his email he made no mention of FRA, SAN's, data security, or
consultants. I feel any further discussion would further dilute Chris' original
intention.
On Jul 19, 2016, at 8:43 AM, Mladen Gogala <gogala.mladen@xxxxxxxxx> wrote:
On 07/18/2016 11:40 PM, Ryan January wrote:
I think you're missing the point. In his scenario the backups do not resideHi Ryan,
on the same physical 'server' (and we're well aware that the item 'serving'
the files may be a NAS). I've never run across a single auditor that would
argue to the contrary. Before you ask, yes that has included those
complying with both SOX and HIPAA, one of which used Deloitte as an external
auditor. It's not about how the data gets to it's destination, it's how
it's stored that matters.
Even if the data is on FC disks, it is on a physically separate box. SAN is
usually a separate box. I mentioned HIPAA and SOX because they deal with
security among other things. D&T consultants usually require backup
encryption. I had endless discussions about the data security and the DBA
role. The problem is usually the fact that DBA can see all the data in the
database and the solution is a pricey one: TDE. On the other hand, "backup
restore" from the continually updated backup is just a "switch datafile <nnn>
to copy" command. It's a poor man's standby and it doesn't really address
issues that need to be resolved for a DR plan, neither from an availability
point of view nor from the security point of view.
--
Mladen Gogala
Oracle DBA
Tel: (347) 321-1217