A lot of things are possible in the cloud, but not everything. A couple of technologies in particular that might seem common in on premise systems are nearly impossible to deploy in the cloud. The first is the idea of multiple networks. Many systems are deployed around the idea that there is a common, “public” … Continue reading What the Cloud Can’t Do
A proper understanding of Oracle product licensing is essential to planning and controlling costs associated with system development and deployment. Taking into account that the cost and number of licenses you need may vary depending on the operating system you choose to use, the number of physical CPU sockets in your hardware, the number of users your system will support, or whether or not your servers are virtualized, and it doesn’t take much to get completely lost. If you don’t plan and implement carefully, an audit of database usage by Oracle (yes, they do that!) could wind up costing you hundreds of thousands of dollars or more in additional fees.
One thing that going over this material again and again over the last few weeks has driven home for me, especially as our customer considers how best to implement their various choices for development frameworks, is just how much of a fairy tale the promises of middle-tier application servers turned out out to be in terms of processing business logic.
An example of a method for scanning the Oracle data dictionary for potential PII data and automating specific responses, such as encrypting of columns or alerting the DBA, when new data is found.
What needs to be done? At this point it is important to stop and consider that if you have read my previous posts in this series and followed all the links that I recommended then you will have read a lot of other people's documentation and best practices. With a little luck you may have … Continue reading The Database, Your Way
What needs to be done? In my last two posts I discussed the rules of the road in relation to designing and implementing an Oracle database information system, and how to evaluate compliance and overall security posture. In this post I will discuss the basic Oracle license, which has been known to cause a lot … Continue reading License to Drive
A filter that allows incoming database connections to be approved or rejected based on the values of their sys_context parameters.
What needs to be done? In my last post I talked about the legal rules of the road in regards to designing and implementing a database information system, starting from the top level and driving down to the nitty gritty step-by-step hardening instructions, including the STIG. Once the applicable rules are understood, it is important … Continue reading Passing the Test
What needs to be done? Before a driver heads out on the road, it is important for him or her to know the rules. Not just common sense stuff like "don't drive on the wrong side of the road", but the actual rules and laws that govern what you're about to do, like obeying a … Continue reading The Rules of the Road
It's a new year, and therefore time to start a new series of posts. This year I will be looking at how to secure Oracle on a limited budget (or more commonly a non-existant one), with an emphasis on what can be done for little or no additional cost beyond the basic hardware and software … Continue reading And Now for Something Completely Different…
The core of virtually every application that manipulates data is the database. It is vitally important, in both production and development environments, to understand at all times what the database is doing and why. There are a variety of commercial database monitoring solutions available in the market today; most rely on SQL monitoring and monitoring … Continue reading Real-Time Oracle 11g Log File Analysis
A business or organization can only be successful if its critical data is well managed and secure. Every day the news is filled with stories of corporations, financial institutions, and governments whose data systems have been compromised. Tightly configured network architectures which limit the direction and channels through which data flows can greatly reduce the … Continue reading Deploying an Oracle 11gR2 Connection Manager