DATABASE SECURITY

Database security: risks & preventative measures

It is hard to argue with the good old saying: "who owns information, owns the world". Encouraging as that may sound, it quickly turns intimidating, because it reveals one of the greatest vulnerabilities of enterprises, financial institutions, and other organizations storing sensitive data.
Where are the threats coming from?
1. Underestimating patch management: Although the Oracle team reliably releases collections of critical patches, companies often neglect timely updates due to the complexity of the process or budget limitations.
2. Unnecessary settings: Combining sophisticated security options is a good idea for limiting access, but when such settings are layered on top of each other, they may cause unexpected security breaches.
3. Unprotected backups: Improper storage of historical copies of sensitive data undoes every other attempt to secure the database.
4. Excessive privileges: If users are granted access to data beyond the scope of their responsibilities, this may lead to privilege abuse. It is critical to invest time and resources in removing duplicates and permissions that do not match the users' purpose.
You should turn the "knowledge is power" paradigm to your own benefit. To ensure database security, it is recommended to analyze the data and all the different access paths to it, and to assess users' privileges and roles in accessing that data. The good news is that this process can be automated by a Database Security Audit Report, which comes as part of a more comprehensive database documentation generator: ClearDB Documenter.
This Report is based on 29 built-in policies containing a total of 630 checks for a deep audit of Oracle, ensuring that the database is thoroughly scanned and any security issues are identified.
Fig. 1 - Security Audit Report
Fig. 2 - Audit Configuration policy
For a quick look, check out the Sample Docu, which includes a DB Security Audit Report.