The first thing that requires to be placed in any security strategy is the physical protection of the server hosting your Oracle, DB2, and SQL server instances. I understand that some of your application and smaller test development instances may be unprotected on the developer’s servers, but any server holding production, pre-production, or testing database should be physically secured from malicious users.
Just visualize all the direct attacks that could take place against a server if anyone was able to access it. Not only could they physically damage the server, but a malicious user may also only have to open the server and directly take the disks that contain your database files to hack into those files at their leisure. It is almost impossible for a network administrator to protect the contents of a server if someone has direct access to the server, since special boot-up disks exist that allow a malicious user to bypass much of the pre-defined security on a server. You may laugh, but I have been at quite large companies in which a production database was an old desktop machine sitting under someone’s desk. Not really appropriate for a company in which the cleaning crew kept bumping into my own desktop and knocking out the hard drive.
This physical security policy should not only ensure the protection of the server against malicious users, it should also ensure protection against the elements. I know of at least one company in my past that did not have an adequate server room and during the heat of the day a window was opened in the “server” room to help cool off the servers. At least once in my short tenure there, a sudden storm came up and cooled off two of the servers with a nice soaking. Try to explain that outage to your end users.
Do the best that you can to make sure that servers are protected against all the little things that tend to keep them from working properly. You may not be able to rebuild your server room, but you can place something in your security policy so the next misinformed manager will not try to put your database servers under their desk or next to the water fountain.
Install security cameras surrounding the database server and monitor round-the-clock database server availability without fail.
When you want to make a strong Oracle DBA career then you should be aware of database services and other database technology. Without having knowledge of Oracle internals, Oracle performance tuning, and skill of Oracle database troubleshooting you can’t be an Oracle DBA expert.
This expert DBA Team club blog always provides you latest technology news and database news to keep yourself up to date. You should need to be aware of Cloud database technology like DBaaS. All Oracle DBA tips are available in a single unique resource at our orageek. Meanwhile, we are also providing some sql tutorials for Oracle DBA. This is the part of Dbametrix Group and you would enjoy more advanced topics from our partner resource.