Oracle
Database Vault

Oracle Database Vault implements powerful security controls within Oracle Database 18c.  These unique security controls restrict access to application data by privileged database users, reducing the risk of insider and outside threats and addressing common compliance requirements.  

Overview


Stolen privileged user credentials are one of the most common attack vectors used by hackers, insiders, organized criminals, and advanced persistent threats (APTs). Oracle Database Vault provides powerful cyber security controls to help protect application data from unauthorized access and improve compliance with privacy and regulatory requirements.

Protect Sensitive Data


Oracle Database Vault security controls help organizations address compliance with data privacy laws and standards such as the EU General Data Protection Regulation (GDPR), the Payment Card Industry Data Security Standard, and numerous other regulations that require strong internal controls on access, disclosure, or modifications to sensitive information.

Prevent Unauthorized Changes to the Database


Prevent malicious or accidental changes that disrupt operations by privileged user accounts.  Command controls prevent unauthorized commands such as DROP TABLE or ALTER SYSTEM outside of maintenance windows.

Use Multiple Trusted Factors to Authorize Access


IP addresses, usernames, client program names and other factors can be used as part of Oracle Database Vault security controls to increase security. Since an attacker can't simply use a stolen account to access sensitive data, it can block unauthorized access to sensitive data and generate high value alerts notifying administrators of suspicious data access activity to help stop data theft before it happens.

Separation of Duty


Separation of duty allows organizations to provide a check and balance with their privileged users. The enforced separation of duty implemented by Oracle Database Vault makes it difficult for an attacker to disable security controls, create false users and access sensitive data by leveraging credentials from a single privileged account.

Least Privileges


Accounts tend to gather privileges and roles over time.  Such over-privileged accounts provide an attractive target for hackers. Oracle Database Vault’s privilege analysis records actual privileges and roles used and unused by an account in operation.  This information is used to tailor accounts with least privileges to minimize the attack surface and address compliance and regulatory requirements.

Fast, Secure and Embedded


Oracle Database Vault secures new and existing database environments, eliminating costly and time consuming application changes.  Integral with Oracle Database 18c, it offers compatibility with your enterprise architecture without the need to deploy additional servers and agents.

Oracle Live SQL

OTN Cloud Promo RHS