Discussions
Categories
- 384.5K All Categories
- 2.5K Data
- 551 Big Data Appliance
- 1.9K Data Science
- 451.3K Databases
- 222.1K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 32 Multilingual Engine
- 561 MySQL Community Space
- 479 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3.1K ORDS, SODA & JSON in the Database
- 561 SQLcl
- 4K SQL Developer Data Modeler
- 187.4K SQL & PL/SQL
- 21.4K SQL Developer
- 296.8K Development
- Application Development
- 18 Developer Projects
- 140 Programming Languages
- 293.5K Development Tools
- 112 DevOps
- 3.1K QA/Testing
- 646.2K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 186 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.2K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 21 Java Essentials
- 164 Java 8 Questions
- 86K Java Programming
- 81 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 206 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 525 LiveLabs
- 39 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.7K Other Languages
- 2.3K Chinese
- 178 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 236 Portuguese
Ransom ware recovery plan question
Hi,
We're using Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production.
We're developing a Ransom Ware recovery plan for our databases. The data we're protecting is financial data. The very rough overall plan is to back the data up into a vault and restore it after an attack.
One item we're discussing is the time between the last backup and the time before the next backup.
During that time period after the DB back up, transactions are still happening, like Trades or loans granted at specific rates. How would you save that information until the next full DB back-up?
The trick with information like that is you can't redo those transactions because those transactions happened at specific times where the stock prices or the loan rates were at a specific value. So how would you save that information? Has anyone ever done this type of thing before?
What-ever the process is, it would run and store data between the latest time a DB backup was taken and the next time a DB backup was taken. We've got the DB backups being taken about every hour for this specific critical database. So you could refer to the interim time between database backups as the interim back-up. Then that interim-back-up data would be overwritten by the interim back up for the next time period between DB backups, so we're only storing about an hours worth of financial transactional information.
I know some people would just say use RMAN at an incremental level but it sounds like they want a solution where the data is saved outside of Oracle.
Are there any backup solutions in Oracle where you can save data directory to flat files? I'm thinking there is the possibility of using External tables and storing that data in an outside flat file.
I'm looking for a precedent we can at least study to get some ideas.
Thanks!
Answers
-
Flat files are exactly the files that are encrypted by ransomware.
To protect an Oracle database:
- use ASM and raw disks (no file systems) that are not targeted by ransomware encryption
- use RMAN hot database backups to external media (e.g. SAN/NAS ASM raw disks)
- use multiplexing and/or regular period backups, of archive logs
FWIW, my firsthand experience with ransomware is that Windows servers and CIFS/SMB file system shares are targeted. Linux servers emerged without a scratch. Except when the Linux VM's vdisks are "flat files" on Windows hypervisor servers.
-
You are describing the usual usage case for Data Guard. Zero data loss guaranteed.
-
Thanks John,
We're actually using Cyber Recovery by Dell I think.
I know some people use queries with row counts to validate data.
Would using DB_Gather_Stats give us anything. What would you be able to compare with data from that? Anyone?
