Oracle Database Vault implements powerful security controls within Oracle Database 18c. These unique security controls restrict access to application data by privileged database users, reducing the risk of insider and outside threats and addressing common compliance requirements.
Stolen privileged user credentials are one of the most common attack vectors used by hackers, insiders, organized criminals, and advanced persistent threats (APTs). Oracle Database Vault provides powerful cyber security controls to help protect application data from unauthorized access and improve compliance with privacy and regulatory requirements.
Oracle Database Vault security controls help organizations address compliance with data privacy laws and standards such as the EU General Data Protection Regulation (GDPR), the Payment Card Industry Data Security Standard, and numerous other regulations that require strong internal controls on access, disclosure, or modifications to sensitive information.
Prevent malicious or accidental changes that disrupt operations by privileged user accounts. Command controls prevent unauthorized commands such as DROP TABLE or ALTER SYSTEM outside of maintenance windows.
IP addresses, usernames, client program names and other factors can be used as part of Oracle Database Vault security controls to increase security. Since an attacker can't simply use a stolen account to access sensitive data, it can block unauthorized access to sensitive data and generate high value alerts notifying administrators of suspicious data access activity to help stop data theft before it happens.
Separation of duty allows organizations to provide a check and balance with their privileged users. The enforced separation of duty implemented by Oracle Database Vault makes it difficult for an attacker to disable security controls, create false users and access sensitive data by leveraging credentials from a single privileged account.
Accounts tend to gather privileges and roles over time. Such over-privileged accounts provide an attractive target for hackers. Oracle Database Vault’s privilege analysis records actual privileges and roles used and unused by an account in operation. This information is used to tailor accounts with least privileges to minimize the attack surface and address compliance and regulatory requirements.
Oracle Database Vault secures new and existing database environments, eliminating costly and time consuming application changes. Integral with Oracle Database 18c, it offers compatibility with your enterprise architecture without the need to deploy additional servers and agents.