First Read - IT Security - Oracle Database Administrators Fear the 'Super User' | eWeek

Oracle Database Administrators Fear the ‘Super User’

Written By
John Hazard
John Hazard
Sep 26, 2008
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

What keeps Oracle database administrators up at night? Cranky servers? Hackers? Pushy vendor reps?

It’s their colleagues. Specifically managers, administrators, consultants and partners, dubbed “Super Users,” who have heightened access privileges. Such users could either maliciously or unintentionally compromise enterprise data and that worries Oracle DBAs more than any other threat, according to a recent survey, “Enterprise Data Insecurity: Are Organizations Prepared for the Threat from Within,” commissioned by the IOUG (Independent Oracle Users Group).

The survey recounts the DBAs’ concern over users with too much power to alter the data and upset the applecart.


  • Sixty percent of respondents said they are powerless to prevent users from reading or tampering with sensitive information in financial, HR or other business applications.
  • Thirty-one percent said users can bypass applications and gain access to application data in the database directly using ad hoc tools.
  • Thirty-nine percent said they don’t have the monitoring capability to even know when such an event occurs. Another 25 percent couldn’t answer the question.


To read the results of the IOUG study, clickhere.

In other words, a disgruntled employee, employed by your company or a consultant, might have the ability to access, read and alter HR, payroll and customer data, undetected.

You Can’t Trust Your Data

It’s not just a security threat. It also means you can’t trust your data or anything based on it.

Consider the statement of one respondent to the survey who told questioners that at his company there is “absolutely no security access defined for internal employees. Employees do everything their own way and do not follow any strict guidelines.”

Another said, “Privileged users that have access to the data sometimes pull that information out into departmental developed systems and manipulate the data for reporting purposes. At that point the data is out of the control levels available to ensure validity. Without executive support to stop this type of practice, there is no guarantee about the accuracy of the reported information.”

Only 26 percent of DBAs reported they have safeguards to prevent a database administrator from accidentally dropping a table or unintentionally causing harm to critical application databases.

This means that without these safeguards and monitors, the data you’re relying on to feed your business intelligence applications, report to government regulators and maintain for e-discovery purposes, the data that forms the bedrock of your business decisions, is in jeopardy because a “Super User” has the ability to drop a table from a database.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.