fbpx
 

Category: Risk

How Oracle Licensing Is Affected By Current Business / Industry / Technology Changes
Renata HajdugaCloud, Compliance, Exadata, IBM, IT Asset Management, Microsoft, Oracle Cloud, Oracle license, Oracle Licensing Compliance, Risk, software asset management, software license, Subscription based license, Virtualization

Now more than ever decision makers are faced with difficult choices. A number of factors may be affecting your business, including loss of revenue due to pandemic, shift to remote collaboration, pressure to move to the Cloud, and striving to stay on top of industry and technology changes. Most of these decisions would likely have software licensing implications. Here are a few examples: Move to the Cloud: When choosing between on-premise, hardware hosting provider or Cloud platform, a proper comparison […]

MEGABYTE Act – New Federal Software Licensing Requirements
Shawn DonohueCompliance, Contract Negotiations, Risk, software license

CIOs will be required to implement a comprehensive licensing policy to manage software inventories The Office of Management and Budget (OMB) issued guidance in June on agencies inefficient use of software licensing as well as what it saw as excessive spending.  Now the White House is involved.  President Obama signed the Making Electronic Government Accountable by Yielding Tangible Efficiencies Act (MEGABYTE Act) on July 29, 2016.  It will require agency CIOs to more accurately track their software and applications licenses.  You […]

Ethical Hackers Find Oracle Vulnerability
Wayne FedericoDatabase security, Risk, Security Assessments, Security RiskLeave a Comment on Ethical Hackers Find Oracle Vulnerability

CNN recently interviewed two hackers Bryan Seely Ben Caudill, who discovered an unsettling security hole, uncovering intimate details like children’s school records, including detailed bus route information; arrest and prosecution information from a major Midwestern city; and the real names and numbers of intelligence agents visiting a major American port.

How Data Loss Prevention Technology Can Help You
Scott D. RosenbergAccess management, Compliance, Database security, DSS (Data Security Standard), Identity management, IT Security, Oracle database, PCI (Payment Card Industry), Risk, Security Assessments, Security Risk1 Comment on How Data Loss Prevention Technology Can Help You

Data Loss Prevention (DLP) is one of the key IT security measures a company must undertake. DLP is one of the 20 Critical IT Security Controls that the nonprofit security training agency SAN recommends. A recent news item provides a great real life of how Nationwide Insurance used DLP technology to prevent an employee’s unlawful activities. Nationwide recently installed new monitoring software to prevent unlawful transmission of data by its employees. The software snagged Qiang “Michael” Bi, a 36-year old […]

Using Oracle Database Firewall
Scott D. RosenbergAccess management, Center of Internet Security (CIS), Compliance, Contract Lifecycle management, Cost Containment/Negotiation, Database security, DSS (Data Security Standard), Enterprise Agreement, GRC (Governance, HIPAA, Identity management, IT Asset Management, IT Security, Licensing Change Alert, Microsoft Licensing Compliance, Microsoft Licensing Tip, Microsoft: News You Can Use, Miro News, Oracle database, Oracle Licensing Compliance, Oracle Licensing Tip, Oracle: News You Can Use, PCI (Payment Card Industry), Risk, Security Assessments, Security Risk, software asset management, Software audit, SQL, Uncategorized, VirtualizationLeave a Comment on Using Oracle Database Firewall

We’re all familiar with network firewalls, which prevent unauthorized access to your network from external sources. However, network firewalls don’t protect your databases from malicious attacks, which sometimes come disguised as privileged internal users. Web applications are a major source of data attacks, through stratagems such as SQL Injection, for example. Oracle’s Database Firewall (a product Oracle gained through its acquisition of Secerno, a British firm, in 2010) offers a solid defensive perimeter to monitor and enforce accepted behavior on […]

In Archive