back to the main page
Trust but Verify: Oracle Audit Vault Increases Security, Reduces Threat
Faced with numerous regulatory mandates and increasing concerns about insider threats, businesses are auditing their data as an important security resource. This can be a costly and time-consuming strategy, however, because audit data is typically distributed across systems and difficult to access without resorting to manual processes. By automating the collection and analysis process, Oracle Audit Vault—a key component of Oracle’s governance, risk, and compliance platform—consolidates large amounts of data into a single repository and makes compliance reporting much simpler.
Trust but Verify
Database audits help pinpoint suspicious user behavior through the collection and examination of database records. Oracle Audit Vault facilitates this process, by delivering a comprehensive view of these records and ensuring their integrity. This increases security while lowering compliance costs, by making it easier for auditors and security personnel to manage and report on the data. Also, with central management of the auditing configuration, it becomes simpler for an organization to deploy consistent, uniform audit policies.
Recent highly publicized data breaches have made information protection a top-level concern, causing many businesses to adopt the trust-but-verify principle. Trust-but-verify simply means that users are trusted to do their assigned tasks and duties but that their actions are monitored for verification and compliance with policies. Oracle Audit Vault enforces trust-but-verify by creating reporting and monitoring processes that audit the activities of all users, especially those with high-level privileges.
“With legislative mandates and security threats on the rise, it is increasingly important for organizations to adopt and implement comprehensive protection and compliance initiatives,” says Trent Henry, senior analyst, Burton Group, an independent provider of research and advisory services. “Given the critical information at stake, database auditing and monitoring solutions are fundamental for today’s environment, because they serve a dual purpose: helping streamline audit reporting while improving an organization’s overall security.”
Delivering Value to Customers and Partners
Customers and partners who participated in the Oracle Audit Vault beta program quickly recognized the product’s unique ability to help several industries streamline audit requirements associated with regulations such as the Sarbanes-Oxley (SOX) Act, the Health Insurance Portability and Accountability Act (HIPAA), and the Payment Card Industry (PCI) data security standard.
“Companies are aiming to manage compliance costs while minimizing the operational and performance impact. They are seeking technology that addresses compliance requirements and strengthens security,” says Shahed Latif, principal, KPMG LLP, the audit, tax, and advisory firm. “Using products that can help simplify compliance reporting is consistent with our view that technology can play a critical role in automating controls and increasing effectiveness.”
To learn more, visit the Oracle Audit Vault page on Oracle.com.
back to the top
|
