Threat Forward

In the last post, I described what Oracle was doing and has done in relation to support customers accessing documentation for products they don’t license.  I stand by my assertion that enforcing access control in this situation is fairly trivial.  However, for Oracle, spending anything on securing access is a waste of time and money.  Here are two reasons why:

1. Oracle suffers no harm if an actual customer reads support documentation for other products.  They cannot stop Rimini Street from accessing these materials even with strong access control…the consultants will just have to spend slightly more effort to keep up-to-date on the documentation one product at a time rather than en masse.
2. Oracle has a business driver to eliminate the competition that Rimini Street presents.  They are going to dedicate resources to achieve this through the courts and through their business practices regardless of what ends up being their trigger event.

In my searching, I’ve not found any cases where Oracle has actually sued an end-user customer for exceeding their authorization.  I suspect that if there was never a Rimini Street or a TomorrowNow, this access control issue would not see the light of day.  Given their stance on third parties providing support for Oracle products, they’ve already allocated the money and effort to fight the competition — spending money on securing the support docs is pointless.