Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Add License Checks Anywhere in your PL/SQL"]

The challenges of securing data in an Oracle database

I will be doing a talk at an even in Eight Members Club Bank, 1 Change Alley, London,EC3V 3ND on the 14th June 2022. The event runs from 8am to 10am. The event is free to attend and to register go to Northdoor, the organisers website. I hope to see you there!!

In this talk I will use the Oracle database as the example as that is my area of focus and expertise but the talk is general to all databases so even if you use SQL Server or DB2 or Postgres or DB2 or... the ideas and discussions are just as valid for you to get something useful from it.

This talk is based on many years of working with customers to assess the security of the data held in their databases. Remember, our task is to secure the data we hold and process and to not just simply try and secure the database software itself; the problem space is more complex than that.

I will discuss the main threats to data held in an database from the complexity of the database stack; the lack of a strategy in most companies to secure data in a database and a lack of evidence of actual security of data in a database when I come and review it.

Legacy, default installations and the move to put databases in the cloud do not improve the picture of the core database security and data security itself. I will discuss why this picture persists across the industry in my experience and then the best part of the talk; what can companies do to make data more secure in an Oracle database and how to do it cost effectively in terms of time and money and use of or lack of skilled people.

I will expand on all of this at the talk in London on the 14th June. Please come along and list to myself and also Noam Markfeld who will speak about securing and masking sensitive data and masking.

To register please visit this link.