My company is expaning it's services, and we need to prepare for storing sensitive data (on the database).

FYI: Oracle 8.1.6 on Solaris 2.7

I don't mean like Credit Cards or anything (so don't bother hacking in) but simple client customer lists, etc. which the client views as sensitive. We need to make them feel comfortable that the data is being guarded.

I am asking for the ways to make the data and the server as secure as possible. This includes 3rd party products or Oracle software add-ons.

I am already aware (the IT guys are handling this) of network security (firewall, ftp, telnet, etc) which we already handle, and file/directory security (to our logical/physical exports, etc).

We need to be sure that the database has that level of security beyond the normal as defined above.

I welcome all comments and ideas.

Thanks!

p.s. Our database may have to talk to another database (via db link, jdbc, etc) and that communication also needs to be secure (anything above Net8)?. Better encryption?