Security Inside Out Edition
Oracle Corp
July 2012 Stay Connected: TwitterFacebookBlog    TwitterFacebookBlog
Back to the main page
Regulatory Pressures Drive Demand for Solutions That Demonstrate Compliance

Industry and government security regulations are continually putting pressure on organizations to demonstrate compliance—from the Payment Card Industry (PCI) Data Security Standards to HIPAA’s Health Information Technology for Economic and Clinical Health (HITECH) Act.

"It is increasingly vital for organizations to know who has access to what, whether that access is appropriate, and that sensitive data is secure," explains Willie Hardie, vice president, Oracle Database product marketing. “And from a compliance perspective, it’s equally important that organizations are able to prove that appropriate access and data security controls are in place.”

To manage these challenges, organizations need a partner that can provide a comprehensive and in-depth set of solutions in order to navigate a clear path toward demonstrating compliance. They need to ensure sensitive data and applications are protected and identities are properly managed.

Stay Compliant by Protecting Data at the Source
Oracle provides a comprehensive portfolio of security solutions that ensure data privacy, protect against insider threats, and enable regulatory compliance for both Oracle and non-Oracle databases.

The strategy focuses on securing data at the source—the database. A good place to start is encrypting data without impacting applications. Oracle Advanced Security encrypts sensitive data stored in Oracle Databases and requires no changes to applications. Data is automatically encrypted when it is written to disk and automatically decrypted when accessed by the application. Hear how IBI Group integrated Oracle Advanced Security into their toll operation application.

A key preventive measure for compliance, encryption can be used in conjunction with access controls to keep privileged users from getting to sensitive data. Organizations can also defend against insiders, or those who obtain privileged user credentials. Oracle Database Vault helps organizations increase the security of existing applications and address regulatory mandates that call for separation of duties, least privilege, and other preventive controls to ensure data integrity and data privacy.

Organizations must also put in place detective measures. This includes collecting audit data across all databases to detect threats and ensure compliance. To reduce the cost and complexity of this potentially burdensome process, Oracle Audit Vault automates the collection and consolidation of database audit trails. It provides a secure and highly scalable audit warehouse for simplified reporting, analysis, and threat detection. Read how Bankart integrated Oracle Audit Vault to ensure PCI DSS compliance and maximize cardholder data protection.

Stay Compliant by Managing Identities
Certifying employee access on a recurring basis can be a time-consuming and complex process for business managers. Today the certification process is difficult to track because it is spreadsheet-driven, complex, time-consuming, and error-prone. Oracle offers the industry’s most advanced identity governance solution to automate the demands of access certification.

Oracle‘s identity governance solution consolidates and correlates identity data through data warehousing. At the same time, it offers a 360-degree view of user access—plus automated IT controls and rich reporting tools.

Watch this demo to learn how Oracle can simplify and accelerate certification reviews. A process that once took weeks can be reduced to minutes, resulting in better visibility and accountability, improved productivity, and huge cost savings. Learn how ING closed compliance gaps with Oracle Identity Management solutions.

"Automation is key to increasing both the effectiveness of compliance and the ability to control costs," explains Naresh Persaud, director of marketing, Oracle Identity Management. "It enables sustainable, repeatable audit processes that reduce the risk of manual errors. At the same time, you don't have to start from scratch to address every new regulation or to prepare for every audit."

Learn more about achieving compliance with Oracle security solutions.

Back to Top
Oracle Information InDepth newsletters bring targeted news, articles, customer stories, and special offers to business people who want to find out how to streamline enterprise information management, measure results, improve business processes, and communicate a single truth to their constituents.

Please send questions or comments to

For answers to questions about subscribing, unsubscribing, and managing your Oracle e-mail communications preferences, please see the Oracle E-Mail Communications page.

Copyright © 2012, Oracle Corporation and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor is it subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.