While many companies think they're being proactive with security, too many are addressing security at the application level rather than the database level, according Oracle security expert Arup Nanda. Nanda, 32, a Norwalk, Conn.-based DBA who runs Proligence, an Oracle consultancy, is co-author of a new book called Oracle Privacy and Security Auditing. The book focuses on security and auditing regulations for the health care industry; these rules are part of HIPAA (the Health Insurance Portability and Accountability Act of 1996). In an interview with SearchOracle.com, Nanda discusses what steps companies can take to meet the requirements HIPPA, Sarbanes-Oxley and other regulations without doling out thousands of dollars in new software.
The article continues at