Tuesday, July 27, 2010

Security Patching

It is August and hopefully by now the July CPU or PSU has been applied to your environments. Just like tuning the security patching is something we do to maintain a secure environment, but unlike issues this can be a scheduled process.
Knowing what to test, when to apply and how to apply should all be part of a security patching policy and process. The security and compliance group might be requiring these patches from you or it might be something as a responsible DBA that you are applying, but they are part of the secure configuration.
Even if a process has been developed, it might be a good time to review the process and take a look at some of the options available with Configuration Manager and PSU vs. CPU. IOUG is also interested information around security patching, as we are parterning with Oracle to conduct a survey around patching. To take the survey go to the IOUG Enterprise Best Practices SIGs website:
http://enterprisesig.oracle.ioug.org
Another way to review your patching process or gather the information needed to create on is to attend the webcast on August 11th. For registration:
https://www1.gotomeeting.com/register/141106952
Oracle will be talking about the differences in the CPU and PSU, how they test security patching, and share about how other companies are doing it. That is really the advantage of the user group isn't it, to be able to learn best practices from others that have to do the same tasks. This could be a great sanity check to confirm the process and information, or it might even have a step that you might not have thought of. Also if you have additional things you do to make the process easier, please share that idea with us to as there will be time for comments and questions.

No comments:

Post a Comment