Security News > 2005 > September > Oracle CEO Touts Security Plans
http://www.internetnews.com/bus-news/article.php/3550651 By David Needle September 21, 2005 SAN FRANCISCO -- With all the fervor of a sold-out rock concert, thousands of Oracle faithful packed the Moscone Center here at the Oracle Open World conference to hear CEO Larry Ellison's keynote. Earlier on Monday, Oracle co-president Charles Phillips kicked off the event with a major announcement of the database giant's plans to work with IBM on compatibility between their respective middleware offerings, Oracle's Project Fusion and IBM's WebSphere. Ellison didn't have any blockbuster announcements to make, but he kept the attendees' attention riveted, covering a wide range of topics from Oracle's recent high-profile acquisitions to business intelligence and security. And, of course, a few digs at rival Microsoft, a staple of almost any Ellison speech. With Oracle's acceptance of WebSphere, Ellison did little to quell speculation the company would also support IBM's DB2 database on its Fusion middleware. It's an important issue, given that Oracle has inherited a huge number of DB2 users via acquisitions such as PeopleSoft, Retek and Siebel. "We will make a decision after a long careful process," said Ellison. He added that Oracle is talking to PeopleSoft customers and others about whether their priorities are portability or the extra security and performance he thinks they'd get by migrating to Oracle database software. "Right now it's a coin toss [as to what Oracle will do]," said Ellison. Addressing one controversy head-on, Ellison disputed an assertion by Marc Benioff, CEO of CRM on-demand provider Salesforce.com, that Oracle would kill its recently acquired Siebel OnDemand CRM offering because it runs on rival IBM's DB2 database. He noted that Oracle also recently acquired Retek, whose software for retailers also runs on DB2, and the company has no plans to kill that. "We're very comfortable with a multiple database strategy, if that's what customers want, and we plan to support Siebel OnDemand," Ellison said. Security was a big theme of Ellison's remarks, which were followed by about an hour of Q& A with the audience. He said there is a debate within Oracle over whether the company should allow non-encrypted backups of Oracle database files. "If I lose a DVD with customer files, someone can read it and use that information," said Ellison. "No one wants that liability. I say no (to allowing non-encrypted backups)." He further warned that Internet growth, along with new technologies like VoIP, are increasing security risks. "As you move more information over the public Internet and let more employee access systems from home over the Internet and from branch offices, your security risks are increasing," Ellison noted. Among other initiatives, he said Oracle will be very focused on intrusion detection technology and strategies, as well as identity management. "Security is a number-one issue today, and it will be one, two and three tomorrow," he said. As for VOIP, Ellison warned that companies need to be careful in their implementation of the Internet phone call technology which he said allows "malicious people" to shut down or intrude on a company's voice network. He tweaked Microsoft's Bill Gates for once saying his company was going to devote special focus to security for the month of February. "Our first client was the CIA, and our second client was the National Security Agency. That was 25 years ago. We've been working on security since day one," said Ellison. He further claimed the last time an Oracle database was broken into was 15 years ago, versus the 45 minutes he said it took for someone to break into Microsoft's first version of its Passport online ordering system. Another area Ellison touched on was business intelligence software, which he said is a huge improvement over the systems many businesses use today. Ellison said BI software should, for example, let a user know how much making a certain purchase puts him or her over the capital budget. Or, when a salesperson changes a sales forecast, it should let him or her see the change in ranking against peers. A favorite BI application of his in use at Oracle reveals how well its engineers are doing by comparing whether service requests are going up faster than sales. "It's much more effective if information is coming from the market rather than from a manager," said Ellison. Asked about his next acquisition, following the multi-billion purchase of Siebel, Ellison said he has nothing planned. He reiterated a point he made over five years ago that the Internet is probably the last technology architecture, and he added that Oracle is focused on implementing service-oriented architectures (SOA). "I'm not sure what comes after SOA," said Ellison. "This visionary is very much in the present." _________________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org