« What’s wrong with this picture? | Main | Unleash Your “cognitive surplus” »
Only 10% of Oracle Databases are Secure!
By Eric Gross | April 29, 2008
A recent article in eWEEK revealed alarming statistics surrounding patch and CPU application. The survey was conducted by a company that appears to benefit from the patch application process being as painful as possible (they sell a solution that attempts to mitigate security risks surrounding non-patched databases). Back to the survey, here are a few of the more disturbing stats:
- Only 10% of those surveyed, had deployed the most recent set of CPUs
- More than 65% of the DBAs surveyed said they had never applied a critical update from Oracle!!
What the survey data actually reveals is a deficiency that screams to be solved with patch automation. Automation reduces time-to-patch dramatically by separating the definition/packaging of a patch (including any pre & post scripts that may be a part of an organization’s standard for patch activity), from the actual process of installing the patch.
The benefits of this type of automation are immediate and quite clear:
- Patch definition and packaging by fewer folks = much greater standardization; increase in enforcement of standards.
- Reducing manual execution of patch application leaves less room for fatal-variances.
- Automated standards surrounding security patches make them safer and faster to deploy and would allow far more organizations to properly and promptly apply these critical patches.
Don’t get me wrong, the fault is not with the DBA. This security-catastrophe-waiting-to-happen is being caused by the delayed adoption of automated database administration practices, and this falls squarely in the lap of an organization’s decision makers.
Topics: Data Center Automation, Database Automation, Efficiency, OPatch, Patches, Security
June 5th, 2008 at 8:51 am
[...] Only 10% of Oracle Databases are Secure! [...]
June 5th, 2008 at 8:51 am
[...] Only 10% of Oracle Databases are Secure! [...]