> Oracle PUBLIC Access
> Oracle Security Architecture
> JDE Bolt-Ons
> JDE Oracle Refreshes
> JDE Job Performance
> JDE Oracle Performance

> Oracle PUBLIC Access

By default, whenever an Oracle table is generated through JDE, full Oracle database access (SELECT, INSERT, UPDATE, DELETE, ALTER, etc.) is granted to PUBLIC. This means that any Oracle account in the database can essentially do anything to your JDE data! Unfortunately, this means that your production data can be completely compromised, and it may not be readily apparent for weeks, or even months. This type of unmanaged security architecture will raise serious issues when it is discovered in a system audit, but worse yet you run a substantial risk that your entire business could be irreparably harmed if someone intentionally, or unintentionally, modifies or destroys data.

At first glance you may be tempted to simply revoke access from PUBLIC, but this is only a temporary solution (and it will also likely break JDE depending on the security model you have in place). In addition, whenever your JDE CNC Team recreates a table or applies a JDE patch, the PUBLIC access is reapplied to the impacted tables! So there is simply no easy way to protect your JDE data without constant manual intervention.

We solved this problem at DBConnect Solutions with the creation of a tool we call NightOwl Database Security for Oracle JDE. This tool monitors the database, and when it detects the presence of PUBLIC grants on JDE-owned tables, it removes the PUBLIC access and assigns appropriate access to Oracle roles. It then automatically emails a log file to the Oracle DBA so there is an audit trail of the activity. We also provide an Oracle database security report that identifies any JDE-owned tables that may still have PUBLIC access, or those tables in which appropriate access has not been granted to Oracle roles. This solution is entirely automated to ensure our databases always remain secure.

The NightOwl Database Security for Oracle JDE software has been in place at numerous companies for over a decade. It has been verified by internal and external auditors as providing database compliance that meets the requirements of Sarbanes-Oxley.

Interested or have questions? Call or email us.