Avoiding a "Gotcha" When Revoking DBADM

[ more.. ]

The news is out and it is, indeed, disturbing.

[ more.. ]

With DB2 9.7 Auditing you CAN know for sure. Part 1   

If you haven't used db2audit yet due to concerns about performance or perceptions that the setup options are inflexible, I would encourage you to re-consider enabling it when you make the move to DB2 9.5 or 9.7.

[ more.. ]

Do you ever try to look at things from a different perspective just to take them out of the “normal”? I do too and I think that’s a great way to approach “some” security considerations. Take DB2LOOK for example...a great and highly useful tool, but when you put your SECADM glasses on, and view DB2LOOK from a different perspective, you just might discover a potential security issue.

[ more.. ]

There’s a New SECADM in Town. It's a new day and there is a new database. Which means a new chance for me to set up security.....and this time....I’m taking control

[ more.. ]

Today, I read several more articles on CURRENT Security Breaches. Fortunately, none of them involved DB2 databases. I wish I could rest easy with that knowledge, but I can't.

Have you thought about the fact that a lack of security within your enterprise can mean your job? Well, don't despair; you may not realize it, but DB2 DBAs have the power to help organizations change. Let's strategize....quietly...together (ssshhhh it's a secret).

[ more.. ]

Can you tell I "identify" with the SECADM? I guess, despite my attempts to hide my true feelings, that's out in the open now.

Ok, I admit it. I LIKE the idea of being the "go to" security person....until... (Did you bring the Latte? )

....................................................................................................................>>>>>>>>

Documentation BLUES.

[ more.. ]

Fact or Fiction or maybe some of both? Have you heard a particular "DB2ism" that sounds plausible, but later you find out that the truth of the matter was different than the poplar view? Me too.

If you are using (or are planning to use) DB2 AUDITING, please help me as I look for clues and try to find the 'truth' about the audit_buf_sz DBM CFG parameter.

[ more.. ]

There are times when something just gets “stuck” in my brain and won’t let me go. I'm sure we all have those moments. Mine typically center around security or shoes or both. They come without any concrete facts and they pop up when I am not expecting them, but sometimes they can help solve a puzzle or direct you to the solution that you didn’t even realize you needed. I’ve accidentally solved a lot of DB2 problems thanks to those unexpected moments. Let me share the story of one of the times that something just "clicked" in my security brain and see if you and I can work through this together to see if it “could” be a DB2 Security concern.

[ more.. ]

Here's a tip....just before your shop upgrades to (or installs) DB2 9.7, run to the nearest Coffee Shop, grab a Vanilla Latte and a Cookie and place the Latte gently in front of your SECADM, along with a list of the new SECADM responsibilities that will be necessary after the upgrade.

I promised in an earlier post that I'd share thoughts on how to keep your SECADM from quitting when you upgrade to 9.7. But, if the Latte and cookie approach doesn't work, then you're on your own. (I'm kidding...there's more).

[ more.. ]

A harvest moon, rising over Lake Pontchartrain, and what am I thinking about? Well, security of course. Yup…that's abnormal…and actually, that’s exactly where my mind was.

When I first caught sight of that huge orange moon, I was driving home from work, having a mental conversation with myself about how often abnormalities indicate a risk or a threat...or a security obsessed DBA (one, or all of those) and then I saw that beautiful moon…and I thought….I have to find a way to tie this into my blog. Guess I just did.

[ more.. ]

Today’s post is about INTEL, (not the company, the spy stuff) and databases that are being migrated to the big time world of 9.7. I’ve always wanted to be a spy and with the name BOND, I think I’m a natural.

Ok, on to the intelligence gathering…migrated databases and the new authorities require some investigation.

[ more.. ]

Hopefully you have landed here to learn a little bit about DB2 Security or to be mildly entertained by that crazy lady who did the DB2 Security Shoe Video on the DB2Night Show. Yes, that was me and no…there will be no further shoe videos. Once is more than enough for anyone…..unless you petition for more…in which case, I will consider an encore…with different shoes … I have plenty!

[ more.. ]

Please welcome independent DB2 security consultant Rebecca Bond to the DBI blogsphere.