Select Page

DBAs Need to Work With Colleagues on Database Security

John Kaufling | | October 29, 2013

Network security remains an ongoing challenge, if not a struggle, for organizations of all sizes in various industry sectors.

No enterprise is safe, as clearly demonstrated by recent cyberattacks against venerable organizations worldwide, including American Express, the Associated Press, CBS News, JPMorgan Chase, Saudi Aramco, and leading South Korean banks and television stations. Even noted anti-spam organization Spamhaus has not been immune to cyberattacks.

Working together

What can aid enterprises enormously in securing their networks is a firm alliance between database administrators and security professionals.

As Ericka Chickowski, writing for Dark Reading, observed, the problem is these two camps don’t have much in common for starters:

“The lack of a common ground in knowledge base and the divergence in business goals can often lead the two groups to grow so at odds that data security gets lost in the conflict. However, CISOs can do a lot to foster better relations between database staff and security staff for improved database risk management. “

Finding a common ground

Database security is important, but it’s not the only task facing enterprise security professionals who have a broad range of responsibilities for internal and external security. Brad Johnson, vice president at consultancy SystemExperts, told Dark Reading:

“DBAs tend to view their work from the perspective of a normal user, while IT security staff tends to look at DB or Web functionality from the perspective of an intruder. The former is trying to do their job, the latter is trying to ‘break in’ to get access to data or services that were meant to be controlled or private.”

Technology professionals say there are several strategies for building up these alliances, starting with encouraging collaboration and consensus-building between database administrators and security staff. Security is one common ground these two groups can find. Management can play an important role in promoting and, ultimately, achieving collaborative harmony.

Security reviews

Auditing and other types of comprehensive security reviews can help those focusing on database issues see the role they play in eliminating network or system vulnerabilities. Through these types of audits, database administrators can freely bring to the table their best efforts and ideas for stemming vulnerabilities. These could be, for example, insights they have developed based on comprehensive application testing.

And both groups can bring forward issues that must be addressed not only for data security, but also for assuring compliance with emerging rules and regulations that may apply to the enterprise.

Working closely with the security staff, database administrators can complement and enhance the enterprise’s security efforts.

Has your company achieved harmony between DBAs and IT Security? How did your company do it? Let us know, we’d love to get your feedback.

Subscribe to Our Blog

Never miss a post! Stay up to date with the latest database, application and analytics tips and news. Delivered in a handy bi-weekly update straight to your inbox. You can unsubscribe at any time.

ORA-12154: TNS:could not resolve the connect identifier specified

Most people will encounter this error when their application tries to connect to an Oracle database service, but it can also be raised by one database instance trying to connect to another database service via a database link.

Jeremiah Wilton | March 4, 2009

12c Upgrade Bug with SQL Tuning Advisor

Learn the steps to take on your Oracle upgrade 11.2 to 12.1 if you’re having performance problems. Oracle offers a patch and work around to BUG 20540751.

Megan Elphingstone | March 22, 2017

Scripting Out the Logins, Server Role Assignments, and Server Permissions

Imagine over 100 logins on the source server, you need to migrate them to the destination server. Wouldn’t it be awesome if we could automate the process?

JP Chen | October 1, 2015

Work with Us

Let’s have a conversation about what you need to succeed and how we can help get you there.


Work for Us

Where do you want to take your career? Explore exciting opportunities to join our team.