Tag Archives: infosec
If you are running a data pump export of your encrypted database and you do not specify encryption or encryption_password then the data will be stored in plain text. This will give you the ORA-39173 warning.
We are stewards of our customers data and need to do better. <OPINION> I would give us a big fat “F” for data security in 2015.</OPINION> What happened and what needs to be improved? We saw weak passwords, lack of … Continue reading
One of my favorite channels on youtube; numberphile explains RSA Encryption better then I could.
#infosec #LetsSecureThisTogether This is going to piss some people off. The C suite needs to have this conversation.
Get the words best practice out of your vocabulary.” I have been at many customer sites that needed my expertise, and someone says to me in a meeting, “well what is the best practice to secure our information.” I’m going … Continue reading
Don’t get invited to sit in front of a Congressional Committee. #Oracle #TDE August 27, 3PM EST #INFOSEC
Register here: https://attendee.gotowebinar.com/register/7938280806383993602 Sponsored by @ODTUG
Here is a teaser for the Oracle Transparent Data Encryption presentation We look at having an existing table with existing indexes. A policy comes out that says we need to encrypt SSN and Credit Card Numbers. Once we encrypt the … Continue reading
Oracle Technology Network Two Minute Tech Tip. Oracle Transparent Data Encryption.
I will be giving a webinar on Oracle Transparant Data Encryption Baseline Practices August 27, 2015 at 3PM. Sponsored by @odtug Why “Baseline Practices?” well best practices does not seem to be working so we are going to start improving … Continue reading
While at #KSCOPE15, I was asked about encrypted data showing up in histograms. So, I ran a few experiments and learned that encrypted data does indeed leak. I contacted Oracle through an old friend to get their input. Here is … Continue reading
Some performance test on Oracle TDE. I have three tables t1, t2 and t3. All three tables have identical data and 1.6M rows. I’m going to come back and visit this a bit more later, but want to get … Continue reading
Why should you encrypt your backups? Why should you test your backups? I will be speaking on Holistic Database Security at #kscope15 and #harmony15
I had a rather disturbing conversion with my wife a couple nights ago, she had called a service provider to discuss a bill. The customer service rep asked her for her social security number to verify her identity. When my … Continue reading
I recently have been receiving emails for consulting work. This is a good thing because I’m back on the market. However; some of the emails I have been receiving are asking for PII. This information can be used for identity … Continue reading
April 2005 Ameratrade loses a backup tape containing information on 200,000 customers. February 2005 Bank of America loses backup tapes containing information on 1.2 million charge cards. September 2011, SAIC loses backup tapes of 4.9 Million members of the military … Continue reading