Security Basics mailing list archives
Monitoring DB Admin
From: WALI <hkhasgiwale () gmail com>
Date: Tue, 29 May 2007 07:31:02 +0400
....And the auditors report mentions that I (the internal IT Security Admin) should have independent monitoring of DB Admin activities, the likes of DROP, ALTERS etc on an inhouse developed accounting package using Oracle 9i backened.
Not only this, the crazy auditing guys want to have preventive rather than detective controls in place for DB Admin.
How secure can we make an application if we start doubting the guys we trust...the next thing the auditors would want is preventive controls over me...Grrr!!
But still...is this doable!!??
Current thread:
- Monitoring DB Admin WALI (May 29)
- RE: Monitoring DB Admin Ackley, Alex (May 30)
- <Possible follow-ups>
- RE: Monitoring DB Admin Craig Wright (May 29)
- Re: Monitoring DB Admin Erkan KAHRAMAN (May 30)