Oracle Database Compliance Solutions
Regulatory compliance, protection of personally identifiable information and internal threats are three of the top concerns facing internal auditors, IT executives, application designers, human resource managers and security officers today. Strictly adhering to documented organizational procedures is a large part of the solution. However, technology plays a critical role when data is outside the control of the application, when the application is bypassed and when data access must be controlled based on factors such as job responsibility, geographical location and time of day. While no single technology provides the magic bullet to address all issues, Oracle provides solutions to help customers address today's top security concerns.
Protecting the network and media
 |
 |
Encrypting network traffic: Oracle network encryption provides an easy way to protect against insider threats by encrypting data traveling between databases and application servers, using industry standard encryption technologies, including AES.
 |
Protect tape backup: When data leaves the secure perimeter of the database, access control measures are no longer enforced. This highlights the importance of encrypted backups ... Oracle Recovery Manager (RMAN) allows encryption of entire 'backup sets' to disk, while Oracle Secure Backup provides data encryption to tape.
 |
Protect data on disk: Recent headlines concerning misplaced storage media have resulted in increased awareness of keeping data secure even outside the database. Oracle offers encryption technology to reduce the threat posed by this business problem.
Audit and Configuration Monitoring
 |
 |
Defense in depth: The battle between those who manage and protect data and those who want to gain access for illicit purposes requires more than just strong authentication and strong access controls. Auditing is an important aspect of an organisation's data protection plan. Oracle Database provides robust audit capability, including context-based auditing.
 |
Reporting: Oracle Database Vault provides out-of-the-box security-related reports that enable the security administrator to understand security-relevant events and protect the database and the applications.
 |
Auditing sensitive data: Auditing can frequently produce large amounts of data which can be difficult to analyse. The ability to audit specific data under specific conditions is a powerful tool in the audit arsenal.
 |
Are your Databases configured securely? Most organizations have well-documented procedures for approving configuration changes. Oracle Enterprise Manager Grid Control provides automated tools for patching Database servers and monitoring their configurations.
Internal Threat
 |
 |
DBA access: Worried about employees who could connect to a database with the DBA role, or 'as SYSDBA', gaining read or write access to personally identifiable information? With Oracle Database Vault, applications can be surrounded by a protective shield, called a Realm. Realms allow the DBA to continue managing the database, while preventing access to application data.
 |
Who, when & where: Factors such as time of day, database client’s location on a network, or custom factors specific to the enterprise can be used independently or in combination to enforce multi-factor authorization and control the ability to access the application. For example, access to the database could be restricted to a specific middle tier during a specific time window. Database Vault multi-factor authorization significantly strengthens security.
 |
Configuration controls: Want to maintain the certified configuration of your database and be sure that nobody can create or delete any database objects? Command rules allow you to define actions that are invoked as soon as a certain command is issued against the Oracle Database.
 |
Access Controls: Properly managing access control is an important security component when the same database is accessed by employees, partners and customers. Oracle provides robust support for database roles to help manage access to data. Additionally, Oracle provides Secure Application Roles, which offer higher security by allowing role enablement only after any number of security checks have been passed (certain hours on weekdays only, and not while remotely accessing the database).
 |
Row-level security: In some cases, restricting access to the entire table may not be granular enough and you need row-level access control. Oracle provides row-level security, which can be used to enforce stringent access control policies.
 |
Data classification: In other cases, access to data rows must be restricted based on data classification; Oracle provides a powerful, out-of-the-box solution with Oracle Label Security.
 |
Multi-level security: Oracle is the only database vendor to provide a mature and adaptable multi-level security product for high security requirements found in government, defense and law enforcement environments, successfully evaluated at EAL4 Common Criteria.
Strong authentication
 |
 |
PKI, Kerberos, RADIUS: Oracle Databases can easily be integrated into an existing infrastructure that leverages PKI, Kerberos or RADIUS. Kerberos is a popular option for customers who deploy Oracle in Windows environments.
Application Integration
 |
 |
Maintaining user identities in a 3-tier environment: If your employees or customers log into an application, and the application connects to the underlying database as a 'big app user', the identities of the individuals are lost, making it more difficult to audit and enforce access controls. Oracle offers two solutions: 'client identifier' and 'proxy authentication' can both be used to maintain the identity of the users, enabling the enforcement of audit and access control policies in the database.
Manage all users in one place
 |
 |
Regulatory compliance requires stringent internal controls: User provisioning is a key aspect of internal controls, ensuring that employees and customers have access to the appropriate database in a timely manner. Similarly, when employees leave the company, removing access rights is time-sensitive as well. Oracle Enterprise User Security simplifies user management by consolidating user accounts from multiple databases into one centralized LDAP-compliant directory.