Five Thoughts on Oracle Security

Five different security related posts to which I have contributed on I did not necessarily provide the accepted answer for these, but felt that the questions posed were interesting enough to warrant a mention.

AntiVirus for my Database Server?

I've seen a couple of Oracle Community and AskTom posts over the last year or two about installing anti-virus software on Oracle database servers. Usually it is because someone in security told the sysadmin or the DBA that they had to install some kind of AV software because it was required. Been there; done that. I found out the hard way that doing so was a bad idea...

Database Independence is a Myth

One thing that going over this material again and again over the last few weeks has driven home for me, especially as our customer considers how best to implement their various choices for development frameworks, is just how much of a fairy tale the promises of middle-tier application servers turned out out to be in terms of processing business logic.

Automatically Protecting PII Data Columns with Transparent Data Encryption

What if you have a lot of potential PII data and you need to enforce some additional safeguards on it? How do I make this information actionable, and better yet how do I automate that action as much as possible?