gee then the last 4 years of SOX audit that all I had to do was provide
verbage and logfiles and show thenm documents to erify we had a procedure
wasn't a real audit.....
gosh I sure feel slighted that the audiotors they sent to visit me were so
stupid as to not know what they were looking at and I could tell them about
anything I wanted as long as it sounded right.
These people are TYPICALLY notice I said TYPICALLY not ALWAYS, straight out
of college with accounting degrees and are handed a boilerplate of questions
to ask and have NO clue what hey are looking at/for.
Many the time that I wasn't really in compliance, but provided them with so
much data that they thought I was. Not to say we didn;t get in compliance
later..but just not at that time.
So, NO they don't always verify what you say.........
----- Original Message -----
From: "Dustin Hayden "
<oracledba-ezmlmshield-x44481429.[Email address protected]
To: "LazyDBA Discussion" <[Email address protected]
Sent: Thursday, November 02, 2006 4:26 PM
Subject: RE: Database and System Security
> Actually sox verifies you are following the procedures.
> We are in the middle of an audit right now in fact.
>
> It is not assumed that the person leaving is going to do something but
> why take an unnecessary chance?
> The amount of long term damage someone with a high level of access could
> do is just not worth the risk.
> I could probably put my company out of business if I put my mind to it
> with my access. So why on earth take that kind of chance?
>
> Personally I would prefer my company changed the passwords when I left.
> That removes me as being a primary suspect if something were to happen
> shortly after I left.
>
> Been more than once in my career I thanked god I did not have a password
> on a certain system. I watched two people get fired at my last job just
> because they could not determine which one of them had done something on
> a system.
>
> -----Original Message-----
> From: Les Hollis
> [mailto:oracledba-ezmlmshield-x88016194.[Email address protected]
> Sent: Thursday, November 02, 2006 4:34 PM
> To: LazyDBA Discussion
> Subject: Re: Database and System Security
>
> OK I agree that you need to change the passwords, access, etc
>
> MY POINT was why is it assumed that EVERYONE that leaves is going to
> cause
> problems....
>
> Yes, there are some disgruntled, upset, fired employees that COULD cause
> you
> problems and probably would...but it just seems that the assumption is
> that
> they WILL....
>
>
> And yes, SOX requires a procedure that is followed when an employee
> leaves...
>
> Key here is that SOX looks for is a procedure to be in place whether you
>
> follow it or not.....
>
>
>
>
> ----- Original Message -----
> From: "Dustin Hayden "
> <oracledba-ezmlmshield-x97443370.[Email address protected]
> To: "LazyDBA Discussion" <[Email address protected]
> Sent: Thursday, November 02, 2006 12:18 PM
> Subject: RE: Database and System Security
>
>
>> Yes you may know that but how does the place you work know that?
>> Besides Sox requires these measures be taken whenever someone leaves a
>> company.
>>
>>
>> -----Original Message-----
>> From: Les Hollis
>> [mailto:oracledba-ezmlmshield-x41053127.[Email address protected]
>> Sent: Thursday, November 02, 2006 11:41 AM
>> To: LazyDBA Discussion
>> Subject: Re: Database and System Security
>>
>> why is it that everytime someone leaves a job it is ASSUMED that
> he/she
>> will
>> try to get back in and do something 'malicious'?
>>
>> If I were to leave my current job, I'd want nothing to do with what I
>> was
>> doing here.
>>
>>
>> Do you think that he is prone to do something?
>>
>> Change your oracle user password, system, sys root on the UNIX box and
>> remove/disable any id created for him. That is about the best you can
>> do.
>> Depending on your application, you may be able to change the schema
>> owner
>> password...
>>
>> Do you not have a firewall? IF so, then he obviosuly had a VPN access
>> method...make sure that is disabled
>> ----- Original Message -----
>> From: "Bommareddy Anil Kumar "
>> <oracledba-ezmlmshield-x88206988.[Email address protected]
>> To: "LazyDBA Discussion" <[Email address protected]
>> Sent: Thursday, November 02, 2006 2:42 AM
>> Subject: Database and System Security
>>
>>
>>> Hi Gurus,
>>> Our senior DBA is leaving job for good. He
>>> remembers most the critical passwords[both databases and system] and
>> ip
>>> addresses. He is also technically sound from Network and OS
>> perspective.
>>> How to prevent any mischief or security as a result of this in near
>>> future?
>>>
>>> Thanks,
>>> Anil
>>>
>>>
>>> ---------------------------------------------------------------------
>>> TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY
>>> To post a dba job: http://jobs.lazydba.com
>>> To Subscribe : http://www.LazyDBA.com
>>> To unsubscribe: http://www.lazydba.com/unsubscribe.html
>>>
>>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY
>> To post a dba job: http://jobs.lazydba.com
>> To Subscribe : http://www.LazyDBA.com
>> To unsubscribe: http://www.lazydba.com/unsubscribe.html
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY
>> To post a dba job: http://jobs.lazydba.com
>> To Subscribe : http://www.LazyDBA.com
>> To unsubscribe: http://www.lazydba.com/unsubscribe.html
>>
>>
>
>
>
> ---------------------------------------------------------------------
> TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY
> To post a dba job: http://jobs.lazydba.com
> To Subscribe : http://www.LazyDBA.com
> To unsubscribe: http://www.lazydba.com/unsubscribe.html
>
>
>
>
> ---------------------------------------------------------------------
> TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY
> To post a dba job: http://jobs.lazydba.com
> To Subscribe : http://www.LazyDBA.com
> To unsubscribe: http://www.lazydba.com/unsubscribe.html
>
>
Oracle LazyDBA home page