What happens if you are in the UK.
I know that UK has something similar like SOX called FSA finacial Services Authority.
Arent the UK dba's supposed to apply the security patches as per regulations .
I am also curious about INDIA what happens there since they have massive databases owing to its population
Majority of the Indian local shops don't like to disturb the Database as long is it is running smooth. Currently I am on site in Fiji Islands and here also management doesn't like to apply any patch unless until they hit a bug.
Try hard to get what you like OR you will be forced to like what you get.
not everyone is regulated by the FSA either - and no there is no rule to apply patches just because they exist
there is a rule to protect the data
So when there is a known bug that doesn't require authentication, thenwe as good DBA's should apply the patch? So its balancing between allowing for new bugs, and leaving vulnerabilities unpatched in a database that could be exploited by someone nefarious.
Originally Posted by davey23uk
this space intentionally left blank
balance risk and cost
simple as that
As an FYI... in the retail industry, patching is required per the PCI (Payment Card Industry) Standards. You have to have a good reason NOT to apply CPU patches.
Click Here to Expand Forum to Full Width