It is interesting to take note that there is an ever increasing interest in Oracle database security and that people are becoming more aware of the risks to data day by day, event by event. This is good, the message is getting through and people are starting work on securing data at its source, in the database. More on this tomorrow, I have a half written post developed on the back of a forum post about the movement in interest in Oracle security.
My presentation was a new one for this event and the slides can be downloaded from my Oracle security white papers page. It is the top entry (obviously now, if you are reading this some time later then scroll down a bit and search for it). There are two versions as usual, the full one slide per page and the smaller (to download) 6 slides per page version.
This was a very interesting subject for me and I wanted to get across two important messages. These are:
- Consider archiving and purging of security data such as audit trails and logs
- Consider the security of archived business data (and also security data)
These are important for me as they fall into a class of issue I see more and more. That is the fact that often when there is security of specific data implemented its often very focused. I.e if you secure the credit card data, you secure the credit card table only and not all the other places the credit card data exists in your database and outseide of it. Archive data falls exactly into the same space and issue.
It was a good event, London was hot, now I am off home to wait for the July 2008 CPU to be available later this evening UK time.