Oracle Database Vault

Oracle Database Vault implements powerful security controls within Oracle Database 18c. These unique security controls restrict access to application data by privileged database users, reducing the risk of insider and outside threats and addressing common compliance requirements.

What's New in Database Vault

Get the Details

Database Vault Features

Overview

Stolen privileged user credentials are one of the most common attack vectors used by hackers, insiders, organized criminals, and advanced persistent threats (APTs). Oracle Database Vault provides powerful cyber security controls to help protect application data from unauthorized access and improve compliance with privacy and regulatory requirements.

Protect Sensitive Data

Oracle Database Vault security controls help organizations address compliance with data privacy laws and standards such as the EU General Data Protection Regulation (GDPR), the Payment Card Industry Data Security Standard, and numerous other regulations that require strong internal controls on access, disclosure, or modifications to sensitive information.

Prevent Unauthorized Changes to the Database

Prevent malicious or accidental changes that disrupt operations by privileged user accounts. Command controls prevent unauthorized commands such as DROP TABLE or ALTER SYSTEM outside of maintenance windows.

Use Multiple Trusted Factors to Authorize Access

IP addresses, usernames, client program names and other factors can be used as part of Oracle Database Vault security controls to increase security. Since an attacker can't simply use a stolen account to access sensitive data, it can block unauthorized access to sensitive data and generate high value alerts notifying administrators of suspicious data access activity to help stop data theft before it happens.

Separation of Duty

Separation of duty allows organizations to provide a check and balance with their privileged users. The enforced separation of duty implemented by Oracle Database Vault makes it difficult for an attacker to disable security controls, create false users and access sensitive data by leveraging credentials from a single privileged account.

Least Privileges

Accounts tend to gather privileges and roles over time.  Such over-privileged accounts provide an attractive target for hackers. Oracle Database Vault’s privilege analysis records actual privileges and roles used and unused by an account in operation. This information is used to tailor accounts with least privileges to minimize the attack surface and address compliance and regulatory requirements.

Fast, Secure and Embedded

Oracle Database Vault secures new and existing database environments, eliminating costly and time consuming application changes. Integral with Oracle Database 18c, it offers compatibility with your enterprise architecture without the need to deploy additional servers and agents.

Connect with other Oracle Database users and experts.

Join in the conversation about Oracle Database Vault