Re: OT: percent of DBAs that know how to implement database security measures

  • From: Mladen Gogala <gogala@xxxxxxxxxxxxx>
  • To: bzelli@xxxxxxxxxxxxxx
  • Date: Wed, 05 Apr 2006 08:42:30 -0400

On 04/04/2006 08:50:32 PM, Zelli, Brian wrote:

> We have to document every exception for access, limit and restrict
> developers to only development machines and then make every correction,
> move and implementation to the production instances.  It is a pain but a
> necessary evil to comply with SOX.  We have had no issues with the
> federal auditors in the 2 years that reporting has been mandatory.  And
> we've gotten to understand our environment from most angles.  Not
> perfect but being forced to get there.......

Yes, SoX is a good law which has so far prevented numerous collapses
like Enron, MCI or Global Crossing. It was bound to happen, given the
evil perpetrated by the DBA personnel in the case of all those companies.
That is why it is absolutely vital for the database to be over-administered
to the point of being ridiculous. Making absolutely sure that a user has to
enter at least 3 passwords (PC, Oracle and Web proxy) before he or she can
start working is extremely important and as effective as Giuliani's "shop
until you drop" tactics were against terrorism. Forcing an average cubicle
dweller to change password every 90 days is guaranteed to prevent another
Enron. It looks like GM is just about to collapse. The only thing preventing
it from doing so are regular password changes.

-- 
Mladen Gogala
http://www.mgogala.com

--
//www.freelists.org/webpage/oracle-l

