Let me start this post with following quotation "People are definitely a company's greatest asset. A company is only as good as the people it keeps".
I fully agree with these sentences because regarding current topic it's definitely true and appropriate. I hear very often that "Oracle is too expensive" or "We pay a lot of money for it". Honestly I agree, it is expensive but also has lot to offer for that price. But most of the time when I hear such complains, I always ask back with the question is "Does it need to be?", "Do you really need all stuff (options, packs or other features) you pay for?". But there is another potential problem I'd like to discuss in this post. Every company has (should have) department or specific people responsible for Software Asset Management (or precisely Software Licenses Management). They maintain the evidence of license contracts, current price holds and usually they should have software repository which holds all information about used software and purchased licenses. What does it with IT staff like DBAs? What does it have with Oracle as technology itself? A quite lot. Let me explain it in this post.

Internet is a great thing, it's a perfect source of information. Back to 1998 in times when I started with my first steps with Oracle Database there wasn't so many public knowledge sources about it. Software had been shipped on CDs and it had been very rare to see online documentation. Not many books in the book store, no Blogs and of course no Oracle ACE program as well :-). Those days are just memory today and by the time Internet became great source of information or software like Oracle Database XE thus place where one can get great portion of knowledge or even lessons learnt from other people thus it's very easy to leverage the experience. The side effects of this transformation of Internet is that many times people take information found there as a single point of truth, many people have slow down their skills development, because many solutions for potential problems can be easily found there moreover less experienced people don't study things closely they found or they are not so careful. The potential result could be harmful.


1. Your company may become under-licensed

In old times DBA's world and scope was everything what was stored or has happened within database. Experienced DBAs knew that not just DB configuration and application code have influenced database performance, so they felt that it has been necessary to see things in full picture thus to have solid understanding of full stack from bottom to the top which means to understand things around storage layer, OS layer, network layer, DB layer (of course) and application layer as well (SQL and PL/SQL). This knowledge is and always has been influential to the fast identification and resolution of issues. In fact exactly this approach came later known as DBA 2.0 - The Next Generation DBA initiative back in 2008 (perhaps too late but at least...).
Database area has moved further since 2008 (now it's time for DBA 3.0) and in these days modern DBA should be familiar with current trends (e.g. Cloud) and also probably the most underestimated thing in DBA's world - Licensing.
As I stated in the beginning of this article amount of information on Internet growth over years dramatically and it is possible to find many Cookbooks, HOWTOs or even scripts.

Consider this example taken from known web page (of my fellow Oracle ACE program member) found on Internet listed in top 3 results of search engine) according to page rank it's obvious that this page might have huge number of visitors:

---------------------------------
If you need to create a snapshot manually, because you don’t like the one-hour interval, or if you disabled taking snapshots at all:

EXEC DBMS_WORKLOAD_REPOSITORY.create_snapshot;

Create a report:

@$ORACLE_HOME/rdbms/admin/awrrpt.sql

This script will ask you for the format of the report (html or plain text), the snapshot ID for start and end of the report (an overview of the last n day’s snapshots is given) and for a report name, that’s used for the report file name (.html or .lst).

Stay happy with your databases,
---------------------------------

Now what's the catch here? Let me ask you couple of questions:

- Did you know that AWR feature is included in Diagnostic pack?
- Does have your Oracle Database Diagnostic pack licensed?
- Does your instance control usage of Diagnostic pack?

If your answer was 3x "No" (or "No" to last two questions) your database might be under-licensed at this moment. In this particular case less knowledge and using the default configuration settings resulted to under-licensed environment. Answer for the second question should be given by department or team responsible for Software Asset Management (mentioned at the top of this article).
Each new version of the database comes with new and interesting features, not just for administrators but also for developers. It's almost impossible to expect from developer that he/she would know how the features are licensed but this is the point which DBA should be aware of, moreover only DBA is able to control usage of extra paid features.
Well perhaps, in this case the script is free of charge but database software and especially feature which is using is not free at all.
Let's say that your DB environment has (just) 4xCPU (Intel) cores while list price (CPU metric) for Diagnostic pack is 5000 USD (check your price hold), that means 10000 USD (Capex) and (approx.) 2200+ USD (Opex every year) "damage" for your company. The web page states "Stay happy with your databases", unfortunately this definitely right place for the sarcasm. Diagnostic pack is very useful pack but this is not definitely the correct way how to tell to the management "We need it!".

I checked several Blogs listed in top 20 results given by my favourite search engine. Almost of them were from well known people in Oracle community (most of them from members of the Oracle ACE program) but only one of them contained disclaimer or warning about usage of extra paid option. But also this particular page provides scripts where the disclaimer/warning is missing among other remarks in top of the script.

Knowledge is key here and study of new features shouldn't be limited to features only but also licensing implications. It should be part of your standard practice. This is probably bad message for a Google/Stackoverflow DBAs, which are (very often) lazy and refusing continuous self-education, relying on the knowledge of the other's instead on their own.
Note that Licensing is really complex topic (don't hesitate to hire some consultant well experienced in this area) but to know the basics could protect you from potential problems and your company as well.


2. Your system may become accidentaly unstable, unaccessible or even compromized

This paragraph is about different type of hidden (potentially bigger) danger while the source remains the same. I'm not going to talk about it's generally bad idea to have accessible listener/dispatcher port accessible from the Internet, about using of default passwords or other basic things. Let me explain the issues by examples.

Examine this command (part of example mentioned in previous paragraph):

 

 

Have you ever heard about "PasteJacking"? So, this is it. Now consider less skilled DBA with lack of knowledge, with bad (or not so good) stress factor in stressful situation such as performance degradation or even outage of mission or business critical database. He finds a "quick-win solution", a script published in some article on the Internet. What he will do in this situation?
Now consider the script which may contain DROP commands or other sophisticated evil code...
Of course

Know the source and even if source is page of well known person in the community or industry doesn't necessarily mean that his pages weren't compromised thanks to bug in publishing system he is using.
You should always check and fully understand what you are going to "paste" to the SQLPlus, shell, etc.

Another story is using "solution" which is not appropriate for the problem. Some time ago some guys were facing to some issue where the flushing of buffer cache was a workaround that helped. Of course they found this workaround on Internet. You may guess what happened during another completely different issue although with similar symptoms, but unfortunately not the same. Yes, flush of buffer cache was the first thing that guys tried in order to "fix" the problem. It didn't work for that particular issue moreover it has created another one.
Well, glucose is commonly used in medicine but don't try give it to a patient with diabetes when he fainted due to lack of insuline.

Rock solid knowledge and adopting a good practices or habits is the key how to not put your database in to problems or even danger. With rock solid knowledge you will understand Blogs and other articles published on Internet as a additional information sources and not as a easy problem solvers. Knowledge is the asset for thus skilled people make company's greatest asset.

Let me finish this post with a funny quote: "Don't believe everything you read on or copying from the Internet. Abraham Lincoln"