There are four basic security principles: access, authentication, authorization, and accounting.
Access
Physical and software controls protect your hardware or data from intrusion.
For hardware, access limits usually mean physical access limits.
For software, access is limited through both physical and virtual means.
Firmware cannot be changed except through the Oracle update process.
Authentication
Set up the authentication features such as a password system in your platform operating systems to ensure that users are who they say they are.
Ensure that your personnel use employee badges properly to enter the computer room.
Authorization
Allow personnel to work only with hardware and software that they are trained and qualified to use. Set up a system of Read/Write/Execute permissions to control user access to commands, disk space, devices, and applications.
Accounting
Use Oracle software and hardware features to monitor login activity and maintain hardware inventories.
Use system logs to monitor user logins. Monitor system administrator and service accounts in particular because these accounts can access powerful commands.
Use component serial numbers to track system assets. Oracle part numbers are electronically recorded on all cards, modules, and motherboards.