Every Which Way But Loose

Rather than a one-size fits all solution - trying to handle everything through a Virtual Private Database policy - a proper security plan involves the use of a variety of techniques, each with their own place in the model. #oracle #vpd #security #roles #plsql #privileges #constraints

Production vs. Development Systems

There are several STIG items that deal with the differences between production¬†and non-production systems. Rule Title: Developers should not be assigned excessive privileges on production databases. Vuln ID: V-15114 Severity: CAT III Rule Version (STIG-ID): DG0089-ORACLE11 Discussion: Developers play a unique role and represent a specific type of threat to the security of the DBMS. … Continue reading Production vs. Development Systems