Auditing an Oracle database for security issues is very important. PeteFinnigan.com provides all of the information and tools that you will need Click here for details of PeteFinnigan.com Limited's detailed Oracle database security audit service Click here for details of PeteFinnigan.com Limited's Oracle Security Training Courses
There are 72 visitors online    
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Oracle Security Policy Development

PeteFinnigan.com Limited offer an Oracle security policy development service to clients and customers. Policies can take a number of forms and can span small areas (such as database authentication) or larger areas such as an Oracle database hardening guide. Policies can also take varied forms such as the more traditional documents, policies for commercial database security scanners or SQL and PL/SQL check scripts, or even custom development. PeteFinnigan.com Limited has experience in all of these areas.

There are many steps involved in securing an Oracle database and having a written policy or baseline standard for the Oracle database is an important part. For example, if a site has no apparent security for its Oracle databases a number of steps must be put into action. A security policy must exist that includes the Oracle database so that an audit can be performed to assess the current security posture of the database and also assess the databases compliance with the policy. A strategy phase must then ensue that is used to determine what to harden and when. The hardening phase should secure the database to a defined level. A final monitoring phase can then take place to ensure that the database stays within the defined security settings. The same audit results and correction strategy can then be used as a basis for securing all Oracle databases in an organisation.

The above text describes the ideal world. PeteFinnigan.com Limited's experience has been that some clients do have policies but they don't have enough depth, some have no policy at all. We have found that clients who have PeteFinnigan.com Limited perform a security audit of their database would like their internal policies updating and also in some cases writing. Also a lot of clients are interested to monitor their databases once hardened for compliance and also to use the baseline to scan other databases.

Oracle Security Policies

Based on the above experiences and requirements we can provide the following services to create documents, policies and code.

  • Creation of Oracle database security standards tailored to your own company
  • Creation of Oracle database baseline standards specific to your own company requirements
  • Creation of the Oracle database specific portions of a company security policy to the styles required by your existing documentation.
  • Creation of policies for commercial database scanners to allow all databases in an organisation to be tested for compliance to your own standards. The same policies can be used as part of a monitoring strategy to test that all databases remain in compliance.
  • Creation of custom SQL, PL/SQL and shell scripts to perform the same service as a commercial scanner policy described above
  • PeteFinnigan.com Limited can also assess existing code or custom policies to determine suitability, security compliance of the code and more.

The above list is not exhaustive. If you don't see your exact requirement listed above, then do not worry, contact PeteFinnigan.com limited at info@petefinnigan.com in the first instance and we will be able to help you.

Any company who feels that they could offer complimentary services to PeteFinnigan.com Limited's own services and would like to become a partner for PeteFinnigan.com Limited to offer their services in the UK should contact info@petefinnigan.com in the first instance. Also any company who would like to offer some of PeteFinnigan.com Limited's services in another country should also contact info@petefinnigan.com.