The Wayback Machine - https://web.archive.org/web/20100318015507/http://www.pythian.com:80/services/dba_consulting/security/

Security

While many companies follow a mainly “perimeter security” approach – their focus being on firewalls and advanced authentication options – others feel the best approach is to limit access to a very few people.

On their own, both approaches have limitations because achieving stronger security requires an ongoing process.

Strong Security is an Ongoing Process

  • How many times have you implemented advanced authentication options and auditing for your databases?
  • Have you implemented data encryption, secured all transportation channels for the data, and made sure off-site backups won’t be the source of information leaks?
  • Have you adopted the latest intrusion detection technologies?
  • Do you run periodic security reviews and implement regular database vulnerability assessments?

At Pythian, we understand databases and their feature sets. We know how to get to the root cause of a vulnerability and we have the experience to apply best practices to fix it.

What sets Pythian apart is our experience with many systems across many industries, including industries such as financial and healthcare that set the standard for security. We have also worked through many compliance rules (e.g., SOX, HIPAA, PCI).

Security is an ongoing process, and adding the right security expertise to your DBA team goes a long way toward making your security stronger.

Benefits: Security

  • Prevent hacking, downtime, loss of data
  • Confidentiality
  • Clear delineation and auditing of privileges to various individuals in the organization
  • Peace of mind
  • Protection from human error
  • Known failover/recovery times
  • Battle-tested DR configurations
  • Roadmap to improve your business continuity plan

Database Features

We have extensive experience in Oracle, Oracle Apps, MySQL and SQL Server.

When it comes to security, we know how to get the most from features such as:

  • Oracle: Virtual Private Databases (VPD), fine-grained auditing, Advanced Security options, database roles and privileges, CPU patching, change control/tracking, password management.
  • Oracle Apps: Review of potential security holes, password change strategy, SSL implementation, listener password implementation, CPU patches (i.e., Critical Patch Updates).
  • MySQL: Access control and GRANTs, encrypted connectivity, secure replication, securing files on the operating system, MySQL networking options.
  • SQL Server: Baseline Security Analyzer, Kerberos Authentication and SSPI handshake, password policies, Windows Authentication, security lists for the auditors, SQL injection analysis, data and database encryption.
