9 Quotes by Rich Mogull
- Author Rich Mogull
-
Quote
We've since updated this assumption and now predict that by the second quarter of 2006, 85 percent of large enterprises will have initiated encryption projects.
- Tags
- Share
- Author Rich Mogull
-
Quote
We recommend that users shield themselves before addressing vulnerabilities, but in this case they can't apply a shield and are exposed to possible attack until the patch is applied.
- Tags
- Share
- Author Rich Mogull
-
Quote
Moreover, patching is sometimes impossible, due to ties to legacy versions that Oracle no longer supports. These practices are no longer acceptable.
- Tags
- Share
- Author Rich Mogull
-
Quote
The range and seriousness of the vulnerabilities patched in this update cause us great concern. The database products alone include 37 vulnerabilities, many rated as easily exploitable and some potentially allowing remote database access. Oracle has not yet experienced a mass security exploit, but this does not mean that one will never occur.
- Tags
- Share
- Author Rich Mogull
-
Quote
I think we're doing a moderate job and relying a little too much on databases historically being deeper within the enterprise. Some examples of really bad practices are static passwords stored in clear text in applications and batch jobs, shared administrative accounts, no controls on DBA activity, etc. We can definitely be doing better.
- Tags
- Share
- Author Rich Mogull
-
Quote
Oracle has not yet experienced a mass security exploit, but this does not mean that one will never occur.
- Tags
- Share
- Author Rich Mogull
-
Quote
Manufacturers have the option to keep their process control system separate. We do not recommend giving a manager a desktop machine to do e-mail while that person is managing the production network, because one slip up and you can give somebody outside the company control of the system.
- Tags
- Share
- Author Rich Mogull
-
Quote
(This) shows Oracle can no longer be considered a bastion of security. Database and application managers must begin protecting and maintaining Oracle systems more aggressively.
- Tags
- Share
- Author Rich Mogull
-
Quote
Critical Oracle vulnerabilities are being discovered and disclosed at an increasing rate, and exploit tools and proof-of-concept code are appearing more regularly on the Internet.
- Tags
- Share