Dark Reading: Recently, security researchers have been complaining that Oracle has been too slow to patch its database software, leaving customers vulnerable to attacks. "I would say easy fixes get done pretty quickly, within three to six months, but things that are harder and need some changes in architecture or have an impact on customers where customers have to make some changes to their products, to their software that uses the databases, those things don't get done in the CPU," says Application Security's Alex Rothacker. "We have a vulnerability disclosed where basically we can brute force any users password and we reported this two years ago and they haven't fixed it yet."
Oracle has been putting out fewer critical security patches lately, but researchers say that isn't because the software has fewer vulnerabilities. "They respond immediately and say 'Thank you very much for the information' and so on, but it sometimes takes more than a year to actually release a patch," says McAfee's Slavik Markovich. "I get the feeling that they don't invest enough or have enough people working on this so it takes a long time to patch."
One of the ways around the issues of security and control that make some businesses wary of cloud computing is to build a private cloud -- one that remains within the corporate firewall and is wholly controlled internally. Private clouds also increase the agility of IT an organization's IT infrastructure and make it easier to roll out new technology projects. Download this eBook to get the facts behind the private cloud and learn how your organization can get started.