
Best Practices: Secure Oracle Configuration and Database Auditing
In our last post, we shared the 4 most important areas of database security and discussed how to safeguard your Oracle environment with best practices for Authentication and Access Controls.
In this post, we continue with a breakdown of Oracle database security best practices for Secure Oracle Configuration and Database Auditing.
Secure Oracle Configuration
Secure Listener Configuration
Listener authentication should be local OS user. Implement standard configuration for inbound connection timeout and sqlnet expire timeout.Listener Ports
Do not use default ports for Oracle listener configuration. Change the default listener port to prevent default SQL attacks.Configuration for Oracle external procedures
External procedures can be used for SQL injection/hacks. They need to be secured for application-specific use only.Patching
Perform regular Oracle security patching. MiCORE recommends applying patches at least twice per year. You can check the Oracle Technology Network (OTN) security site for details on security alerts released by Oracle.Non-Production Data Refreshes
Leverage data cleansing and data masking procedures for data migration from production to non-production environments.Secure Backups
Implement policies for data encryption for operational procedures such as RMAN backups or data exports.TDE
Ensure that PII elements are identified and Column encryption is in place. Create metadata repository for PII elements in Oracle databases.Database Auditing
Monitor your environment and identify potential attacks by implementing a unified auditing policy. Basic auditing should be configured for all databases and system operations. Centralize audit data and create reports so you can view the audit records. Select the right type of auditing for your Oracle database based on your specific needs:- Statement level auditing: Audits on the type of SQL statement used, such as any SQL statement on a table (which records each CREATE, TRUNCATE, and DROP TABLE statement)
- Privilege level auditing: Audits use of a particular system privilege, such as CREATE TABLE
- Object level auditing: Audits specific statements on specific object, such as ALTER TABLE on the EMP table
- Fine-grain auditing: Provides added functionality of auditing specific columns that hold sensitive information such as PII or salaries, as well as using event handlers which allows you to write a function that send email alerts to security administrators when unauthorized updates are made to audited table elements.
Proactive Security Assessments
In addition to the ongoing auditing discussed above, we recommend performing a holistic review of all security components of your Oracle databases once per year. The holistic security assessment should include a high-level analysis of:- Database user accounts
- Password policies
- Operational procedures
- Data migration and refresh
- Database configuration
- Oracle security patches
- Database access control

Recent Posts
-
4 Ways An MSP Will Help You Navigate Through The Hybrid Model
December 6, 2023 -
5 WAYS FRACTIONAL RESOURCES WILL HELP SCALE YOUR BUSINESS
December 4, 2023
Categories
- AWS DATABASES (1)
- Azure (2)
- AZURE MANAGED SERVICES (1)
- Cloud management (17)
- Cloud Migration (3)
- Database management (41)
- Multicloud , Cloud implementation (2)
- News and Events (4)
- OPEN SOURCE DATABASES (1)
- ORACLE (7)
- ORACLE CLOUD MANAGED SERVICES (3)
- POSTGRESQL (1)
- Redshift (1)
- SQL (6)
- SQL SERVER (4)
- Startup (2)
- Technology (3)
Tags
Amazon vs. Oracle Cloud
App integrations
AWS
Azure
Cloud Interface
cloud management
Cloud migration
Cloud vendor
comparison
CPU Pricing Metrics
database administrators
Database as a service
Database management
Database Migration
database protection
Data Corruption or Loss
Data security
data volumes
data warehouse implementation
Data Warehousing
Deadlock
Deadlocked Scheduler
Deep Dive EC2
Error 17884
Hybrid cloud
Hybrid Cloud Approach
Hybrid Cloud Computing
IT
Licenses Costs optimization
Microsoft azure
ODA Review
ODA solution
Oracle cloud
Oracle cloud benefits
oracle database
Oracle Database Appliance
Oracle Licensesing
Overloads
Remote Database Management
Remote Database Support
Service-Level Agreement
SQL
SQL Server
Virtual Machine Pricing
Workload migration
Need Assistance? We’re Here
To Help You
Talk to us about any of your database, cloud management, and migration challenges.
Our IT experts will get in touch with you soon.