Oracle database security

Oracle has always focused on making the database security easier for the customers to understand and tough to crack. After Oracle 9i you would notice significant changes that have been made and with new Oracle11g you get a security guide that works as a guide for you to refer to maintain Oracle database security.
You should know that you can install the database software in typical and custom mode. If you are installing this for production systems then you can just install what is needed. You can install the additional features as and when you need. To install these additional features you just need to run the installer gain. It is recommended by Oracle not to have sample schemas in your systems and if you have them then it is advisable to remove or lock them.

If you have installed oracle database then you know that it installs with various default accounts. These accounts have preset passwords. Once oracle database is completely installed then these default account are automatically locked and their passwords are changed to the value that is specified during installation. Here, you must note that database configuration assistant locks these accounts when the installation is being done but these same database configuration assistant cannot do this if the database is created manually. That is why you will have to manually close these default accounts or expire them.

The customers must enforce the policies related to password expiration, failed login and complexity of the password. The users must manage the passwords according to the password management rules. It is very important to change the default user passwords for Oracle database security. Choosing good and strong passwords is the best way to tackle password related threats to the security. The recommended password must be at least 10 characters long, alphanumeric and should be a meaningless word Oracle database 11g supports passwords of mixed case and you can also include symbols. One good way to create passwords is by combining weaker passwords.

Unix and Windows offer you variety of services related to operating services. You should close UDP and TCP ports for every service that you disable. You must disable both the ports in order to make the operating system secure. If you disable just one of the ports and not the other one then you cannot expect the operating system to be secure.

Another good way to strengthen Oracle database security is to the restrict the number of users. The ability to modify the directory permissions and default files should be restriction. Even the oracle owner must not modify these authorizations unless it is instructed by Oracle. You must apply security patches from Oracle for oracle and operating system. You should also remove the dangerous privileges.
The network traffic between the clients, application servers and databases must be encrypted. There are many other security check lists that you can refer to. These checklists and guides are easily available for your reference. After you have take all the care and if you still face any issue then you must report the security issues to Oracle. You can submit a request to Oracle world wide support services. You can do that by using Metalink or by sending an email describing the complete problem, product version and the platform that you are using.



This genuine article is provided by GreenSQL - providing Oracle database security solutions.