 |
Oficinas en México |
|
|||||||||
   |
||||||||
Oracle Security Patches SCP and critical Patches Updates (CPU)IT Consulting ServicesOracle SecurityBecause databases centralize the storage of data, they are attractive targets for hackers and even curious employees. The DBA must understand the particular security model that the database product uses, and how to use it effectively to control access to the data. The auditing task is particularly important currently, as regulatory laws like Sarbanes-Oxley and HIPPA have reporting requirements that must be met. The DBA must take additional precautions to protect the databases, such applying quarterly Critical Patch Updates and Security Alert (OCPU) from Oracle Corporation and making sure all databases complied DISA STIGS and DoD standards. The three basic security tasks are authentication: Critical Patch Updates Critical Patch Updates are collections of security fixes for Oracle products. They are available to customers with valid support contracts. They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are: • 15 April 2014 • 17 July 2014 • 17 October 2014 • 17 January 2015 Starting with the October 2013 Critical Patch Update, security fixes for Java SE will be released under the normal Critical Patch Update schedule. Security Alerts Oracle will issue Security Alerts for vulnerability fixes deemed too critical to wait for distribution in the next Critical Patch Update. The Security Alerts released since 2005 are listed in the following table. |
||||||||
