Educause Security Discussion mailing list archives

Re: Consolidated Database Risks and Mitigating Controls

From: Gary Dobbins <dobbins () ND EDU>
Date: Wed, 7 Oct 2009 11:01:32 -0400

We do have all our databases consolidated onto one Oracle RAC farm, and one SQLserver farm.  Our chief DBA is composing 
a message outlining the reasoning behind this, which I or he will forward back to this list as soon as it's ready 
(might be a few days).

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Delacruz, Jay J.
Sent: Tuesday, October 06, 2009 3:19 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Consolidated Database Risks and Mitigating Controls

Educause Team,
Anybody want to share their experience with consolidated databases? In particular; risks of that specific architecture 
and what mitigating controls were used. What risks apply to data loss, disaster recovery, business continuity planning 
etc..?

"Putting all your critical assets in one basket."  Great idea or is it an unnecessary risk?

Thanks ahead for any input... :)

Jay Delacruz, CISSP
Information Systems Security Department
Wake Forest University
Winston-Salem NC 27109
delacrj () wfu edu<mailto:delacrj () wfu edu>
336-782-0116
[cid:image001.gif@01CA473D.87961EA0]

Current thread:

Consolidated Database Risks and Mitigating Controls Delacruz, Jay J. (Oct 06)
- <Possible follow-ups>
- Re: Consolidated Database Risks and Mitigating Controls Neil Matatall (Oct 06)
- Re: Consolidated Database Risks and Mitigating Controls Gary Dobbins (Oct 07)
- Re: Consolidated Database Risks and Mitigating Controls Chris Green (Oct 09)