Enterprise Manager Edition
Oracle Corp
July 2012 Stay Connected: FacebookTwitterYoutube LinkedInBlog
Back to the main page
Top 5 Database Compliance Risks—and How to Avoid Them

As data center complexity rises and high-profile security breaches continue to proliferate, we asked David Wolf, principal product manager at Oracle, to name the top five compliance risks IT organizations face today—and how Oracle Database Lifecycle Management Pack addresses these risks head on.

1. Unknown and unmanaged databases
Too often, organizations have databases that are completely outside the reach of central management tools—introducing potentially serious operational and security risks.
Solution: Oracle Database Lifecycle Management Pack provides nonintrusive agentless discovery of all servers and services on a network. This helps ensure compliance by making sure all databases are under management and conform to standards.

2. Deployment of databases using nonstandardized configurations
Besides being time-consuming, manual deployment of databases increases the risk of error—including deviation from standards and best practices.
Solution: Oracle Database Lifecycle Management Pack offers agile provisioning tools that ensure lockdown of key configurations and help guarantee a deployment consistent with standards and best practices.

3. Undetected drift from configuration standards
Changes to the database are inevitable, but when changes are unmonitored, patches and other modifications can cause systems to drift out of compliance, raising the risk of both security breaches and service outages.
Solution: Oracle Database Lifecycle Management Pack automatically detects and tracks configuration changes—and provides proactive notification when compliance is at risk.

4. Unpatched databases
A key part of a DBA's job is to track patches and schedule timely updates. However, as the number of database instances continues to grow, so do the complexities that can make this an arduous task. As a result, databases too often go unpatched, creating potential security exposures and risk.
Solution: Oracle Database Lifecycle Management Pack helps automate patching with patch advisories, predeployment analysis, rollout, and reporting. Patches are analyzed for conflicts before deployment, and DBAs can apply multiple patches to multiple databases in a single downtime window.

5. Inability to audit user activity on key systems
Regulations such as PCI and HIPAA now require organizations to proactively demonstrate compliance. It is not enough to know what changes or activities occurred. Organizations must be able to provide audit trails demonstrating who made the changes—and when.
Solution: Oracle Database Lifecycle Management Pack supports real-time user activity monitoring in order to identify when changes are made, and by whom—and then report on all activity, both authorized and unauthorized.

Find out more about Oracle Database Lifecycle Management Pack and Oracle Enterprise Manager 12c.
Back to Top
Oracle Information InDepth newsletters bring targeted news, articles, customer stories, and special offers to business people who want to find out how to streamline enterprise information management, measure results, improve business processes, and communicate a single truth to their constituents.

Please send questions or comments to

For answers to questions about subscribing, unsubscribing, and managing your Oracle e-mail communications preferences, please see the Oracle E-Mail Communications page.

Copyright © 2012, Oracle Corporation and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor is it subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.