Oracle 11g Books

Oracle tuning

Oracle training

Oracle support

Remote Oracle

STATSPACK Viewer

Privacy Policy

Oracle Tips by Burleson

Protecting Data Requires More than just Protecting the Production Database

Hackers often look for data in places that are left unsecured.  The listing below provides a few examples of the data stores that hackers may access to steal your production data:

Oracle Export utility output files.  Oracle Export files can be easily transferred to a remote location and quickly loaded into any Oracle database to recreate your production database environment. The hacker then has unlimited access to all of your trade secrets in complete anonymity and without maintaining a connection to your production database. 

The file copies from hot and cold database backups. We (and the hackers) know that database backups are duplicates of your production database. It is a often a simple process for hackers to find the output files or find the scripts that create the backups for your production database environment.

QA, test, development, reporting and disaster recovery databases. How many times have you been asked to refresh these non-production databases with production data?  Once the data is refreshed, these non-production databases must be treated as production data stores and secured accordingly.

Using LOGMINER to scan Oracle online and archived redo logs. Now that Oracle has provided us with a quick and easy way to access data changes stored in the redo logs, these files, and the LOGMINER utility, also needs to be secured.

The UTL_FILE_DIR directories. UTL_FILE_DIR  is used as the target directory for flat file output created from PL/SQL stored programs.  Hackers can gain access to the parameter file that defines the output directory and gain access to the PL/SQL output.

Download your Oracle scripts now: www.oracle-script.com The definitive Oracle Script collection for every Oracle professional DBA