Actually I am an IT Auditor (career change after 20 years in IT engineering...) and this came up as part of an audit, and is an area where I don't have technical experience. You comments are appreciated, thank you, guys. Time to reach out to Oracle as well.
On Wed, Dec 6, 2017 at 9:05 AM, Erik Goldoff <egold...@gmail.com> wrote: > this sounds more like > a) I don't want to > or > b) I don't want to pay for this > instead of > c) it cannot be done > > Best Practice for Security and Auditing should be a topic for discussion, > especially considering your statement of dealing with 'highly sensitive > data". Also should be raised through the chain of command, for support or > risk acceptance by high level management, IMNSHO > > Erik > > On Tue, Dec 5, 2017 at 12:10 PM, Tom Miller <tominyorkt...@gmail.com> > wrote: > >> Hi All, >> >> I have a question regarding Oracle DBA database level access. >> >> The DBA lead where I work states that it is nonsensical for individual >> DBAs to use a name DBA-admin account for them. This is a potential issue: >> we are dealing with highly sensitive data and even within the DBA staff >> group, we want to restrict access, if possible. We use logging, but >> triggering an access to particular tables would not be too helpful, as it >> would only tell us that the DBA account access them. >> >> Anyone have any thoughts or suggestions? >> >> Thanks, >> Tom >> > >