LANSING – The Michigan Department of Technology, Management and Budget has not done enough to ensure only appropriate access to the various Oracle databases it oversees, auditors said in a report.
The performance audit of Statewide Oracle Database Controls by Auditor General Doug Ringler, for the period October 1, 2012, through September 30, 2014, found the department did not have appropriate security controls in place for some of the databases, potentially allowing improper access or improper changes to state data. The department also did not provide appropriate training programs for the database administrators.
Department officials agreed with the need to improve security and said they had implemented a Database Standards Committee in June 2013 to develop security standards. Among the changes resulting from that and the department’s Database Security Program was encryption of all databases in June 2014.
The department also agreed with the need for more training and committed to a training needs analysis among its DBAs.
This story was provided by Gongwer News Service. To subscribe, click on Gongwer.Com
