Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Database
    • Database

    Oracles Secure, but Rest of World Isnt

    By
    John Taschek
    -
    February 4, 2002
    Share
    Facebook
    Twitter
    Linkedin

      “Unbreakable” is the tag line for the newest version of the Oracle9i database. Whether the name is derived from the good but misunderstood movie about a reluctant superhero with a fear of drowning or is just a marketing term conjured up to inspire hackers to beta test Oracles security scheme, Oracle is intensely interested in protecting your data.

      In fact, Oracle has three chiefs that are charged with some facet of security—a chief privacy officer, a chief hacking officer and a chief security officer, who said she has “the best job in the world.” Im sure Mary Ann Davidson—the chief security officer—would change her mind if she ever got the chance to work at eWeek.

      It appears that Oracle takes data security seriously. One way the company does this is through third-party evaluations, a costly and lengthy process in which an organization audits products to ensure they are as secure as the company claims they are. Oracle has had 14 of these evaluations, although none are associated with the “unbreakable” 9i.

      No 9i evaluation? Davidson said Oracle mainly submits “terminal” versions of products for review because those tend to be the most popular and because Oracle doesnt want to have to submit each point release update of the product to a process that could cost $500,000 (not including Oracle personnel costs) and a year to do.

      Meanwhile, IBMs DB2 apparently has undergone none of these evaluations, and Microsoft has had only one. It appears that IBM treats security mainly as a service enhanced by a few product offerings, notably in the Tivoli camp. Microsoft, meanwhile, treats security as a process, and it delivers procedures for helping customers defend against attacks.

      Thats the culture of these companies. But Oracle is using its evaluations to establish a culture of security within the organization. Thats why Oracles chief security officer is part of the development team. However, these evaluations are also helpful and will be necessary for winning government contracts.

      On the flip side, Oracle is just one small part of a bigger equation. Does it matter if your database is locked down, impenetrable and unbreakable, if your front-end Web site is wide open?

      By the way, 15 times more hack attempts against Oracle have occurred since the “unbreakable” campaign began. I suspect well see soon how Oracles security is holding up.

      Is Oracle unbreakable? Write to me at [email protected]

      John Taschek
      As the director of eWEEK Labs, John manages a staff that tests and analyzes a wide range of corporate technology products. He has been instrumental in expanding eWEEK Labs' analyses into actual user environments, and has continually engineered the Labs for accurate portrayal of true enterprise infrastructures. John also writes eWEEK's 'Wide Angle' column, which challenges readers interested in enterprise products and strategies to reconsider old assumptions and think about existing IT problems in new ways. Prior to his tenure at eWEEK, which started in 1994, Taschek headed up the performance testing lab at PC/Computing magazine (now called Smart Business). Taschek got his start in IT in Washington D.C., holding various technical positions at the National Alliance of Business and the Department of Housing and Urban Development. There, he and his colleagues assisted the government office with integrating the Windows desktop operating system with HUD's legacy mainframe and mid-range servers.

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×