The principle of least privilege requires that a user be given no more privilege than necessary to perform a job. Ensuring least privilege requires identifying what the user's job is, determining the minimum set of privileges required to perform that job, and restricting the user to only those privileges. Here are some examples:

• Limit the number of users who have the System Administration responsibility. In most cases, there is no justifiable need for the Help Desk, OS System Administrators, or individual users to have this broad responsibility – subsets of the entire System Administration capabilities can be split out by creating custom responsibilities with a subset of System Administration menu paths that will not compromise security. The same principle applies to Application Developer and “Super User” responsibilities.
• Limit OS access to only those who need it and limit their access to only specific directories and files, not the entire APPL_TOP and ORACLE_HOME, for example.
• Limit the users who have the Oracle SYS or SYSTEM password to the minimal number of personnel required. In some larger Database Administration Groups, not all DBAs may need to have these accounts and their inherit privileges.
• Limit users who can access the other Oracle database accounts (GL, PO, etc.) to a small and finite group. A read-only account with APPS-like access can be created for development and production support personnel.

> back to list