| |
 |
|
Oracle Tips by Burleson |
Chapter 4 General Oracle Security
different rooms or enclosures, as described in
Figure 4.1 below.
Figure 4.1
Security Segregation of Multiple Server Groups
Each of these should have a specific level of
security clearance requirement, and that should be enforced by the
keypads on the doors or the other authentication devices described
earlier.
HIPAA requirements clearly state that the
physical security of the servers be enforced. It does not prescribe
the level of isolation of servers based on security, but it does
recommend it. Either way, the best approach to security can be
implemented by setting aside a non-regular area, secured by some
sort of authentication device, which could be as simple as a padlock
or as sophisticated as a retina scanner. The use of an automated
system is preferred because it also records who went in and came
out. This is especially important during investigations.
Important Points
-
Physically isolate servers in a secured
enclosure
-
Enforce some type of authentication
mechanism to allow legitimate users to enter the enclosure
-
If needed, separate groups of servers with
varying security requirements into separate secured enclosures
Firewalls
Firewalls offer a logical
barrier to external user accesses. Most of the servers inside a
company's internal network should not be accessed by outside users.
Therefore, they
The above text is
an excerpt from:
Oracle Privacy Security Auditing
The
Final Word on Oracle Security
This is the only authoritative
book on Oracle Security, Oracle Privacy, and Oracle Auditing written
by two of the world’s leading Oracle Security experts.
This indispensable book is only $39.95 and has an
immediate download of working security scripts:
http://rampant-books.com/book_2003_2_audit.htm
 |
For more details and scripts, see my new book "
Oracle
Tuning: The Definitive Reference", over 900 pages
of BC's favorite tuning tips & scripts.
You can buy it direct from the publisher for 30%-off and get
instant access to the code depot. |
|
