RE: Database and System Security

RE: Database and System Security

 

  

Actually sox verifies you are following the procedures.
We are in the middle of an audit right now in fact.

It is not assumed that the person leaving is going to do something but
why take an unnecessary chance?
The amount of long term damage someone with a high level of access could
do is just not worth the risk.
I could probably put my company out of business if I put my mind to it
with my access. So why on earth take that kind of chance?

Personally I would prefer my company changed the passwords when I left.
That removes me as being a primary suspect if something were to happen
shortly after I left.

Been more than once in my career I thanked god I did not have a password
on a certain system. I watched two people get fired at my last job just
because they could not determine which one of them had done something on
a system.

-----Original Message-----
From: Les Hollis
[mailto:oracledba-ezmlmshield-x88016194.[Email address protected]
Sent: Thursday, November 02, 2006 4:34 PM
To: LazyDBA Discussion
Subject: Re: Database and System Security

OK I agree that you need to change the passwords, access, etc

MY POINT was why is it assumed that EVERYONE that leaves is going to
cause
problems....

Yes, there are some disgruntled, upset, fired employees that COULD cause
you
problems and probably would...but it just seems that the assumption is
that
they WILL....


And yes, SOX requires a procedure that is followed when an employee
leaves...

Key here is that SOX looks for is a procedure to be in place whether you

follow it or not.....




----- Original Message -----
From: "Dustin Hayden "
<oracledba-ezmlmshield-x97443370.[Email address protected]
To: "LazyDBA Discussion" <[Email address protected]
Sent: Thursday, November 02, 2006 12:18 PM
Subject: RE: Database and System Security


> Yes you may know that but how does the place you work know that?
> Besides Sox requires these measures be taken whenever someone leaves a
> company.
>
>
> -----Original Message-----
> From: Les Hollis
> [mailto:oracledba-ezmlmshield-x41053127.[Email address protected]
> Sent: Thursday, November 02, 2006 11:41 AM
> To: LazyDBA Discussion
> Subject: Re: Database and System Security
>
> why is it that everytime someone leaves a job it is ASSUMED that
he/she
> will
> try to get back in and do something 'malicious'?
>
> If I were to leave my current job, I'd want nothing to do with what I
> was
> doing here.
>
>
> Do you think that he is prone to do something?
>
> Change your oracle user password, system, sys root on the UNIX box and
> remove/disable any id created for him. That is about the best you can
> do.
> Depending on your application, you may be able to change the schema
> owner
> password...
>
> Do you not have a firewall? IF so, then he obviosuly had a VPN access
> method...make sure that is disabled
> ----- Original Message -----
> From: "Bommareddy Anil Kumar "
> <oracledba-ezmlmshield-x88206988.[Email address protected]
> To: "LazyDBA Discussion" <[Email address protected]
> Sent: Thursday, November 02, 2006 2:42 AM
> Subject: Database and System Security
>
>
>> Hi Gurus,
>> Our senior DBA is leaving job for good. He
>> remembers most the critical passwords[both databases and system] and
> ip
>> addresses. He is also technically sound from Network and OS
> perspective.
>> How to prevent any mischief or security as a result of this in near
>> future?
>>
>> Thanks,
>> Anil
>>
>>
>> ---------------------------------------------------------------------
>> TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY
>> To post a dba job: http://jobs.lazydba.com
>> To Subscribe : http://www.LazyDBA.com
>> To unsubscribe: http://www.lazydba.com/unsubscribe.html
>>
>>
>
>
>
> ---------------------------------------------------------------------
> TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY
> To post a dba job: http://jobs.lazydba.com
> To Subscribe : http://www.LazyDBA.com
> To unsubscribe: http://www.lazydba.com/unsubscribe.html
>
>
>
>
> ---------------------------------------------------------------------
> TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY
> To post a dba job: http://jobs.lazydba.com
> To Subscribe : http://www.LazyDBA.com
> To unsubscribe: http://www.lazydba.com/unsubscribe.html
>
>



---------------------------------------------------------------------
TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY
To post a dba job: http://jobs.lazydba.com
To Subscribe : http://www.LazyDBA.com
To unsubscribe: http://www.lazydba.com/unsubscribe.html



Oracle LazyDBA home page