PeteFinnigan.com Limited offer an Oracle security policy development service to clients and customers. Policies can take a number of forms and can span small areas (such as database authentication)
or larger areas such as an Oracle database hardening guide. Policies can also take varied forms such as the more traditional documents, policies for commercial database security scanners or SQL and PL/SQL
check scripts, or even custom development. PeteFinnigan.com Limited has experience in all of these areas.
There are many steps involved in securing an Oracle database and having a written policy or baseline standard for the Oracle database is an important part. For example, if a site has no apparent security for
its Oracle databases a number of steps must be put into action. A security policy must exist that includes the Oracle database so that an audit can be performed to assess the current security posture of the database and also assess the databases compliance with the policy. A strategy phase must then ensue that is used to determine what to harden and when. The hardening phase should secure the database to a defined level. A final monitoring phase can then take place to ensure that the database stays within the defined security settings. The same audit results and correction strategy can then be used as a basis for securing all Oracle databases in an organisation.
The above text describes the ideal world. PeteFinnigan.com Limited's experience has been that some clients do have policies but they don't have enough depth, some have no policy at all. We have found that clients who have PeteFinnigan.com Limited perform a security audit of their database would like their internal policies updating and also in some cases writing. Also a lot of clients are interested to monitor their databases once hardened for compliance and also to use the baseline to scan other databases.
Based on the above experiences and requirements we can provide the following services to create documents, policies and code.
The above list is not exhaustive. If you don't see your exact requirement listed above, then do not worry, contact PeteFinnigan.com limited at info@petefinnigan.com in the first instance and we will be able to help you.
Any company who feels that they could offer complimentary services to PeteFinnigan.com Limited's own services and would like to become a partner for PeteFinnigan.com Limited to offer their services in
the UK should contact info@petefinnigan.com in the first instance. Also any company who would like to offer some of PeteFinnigan.com Limited's
services in another country should also contact info@petefinnigan.com.
Oracle Security Policy Development
Oracle Security Policies