We’re sorry. We could not find a match for your search.

We suggest you try the following to help find what you're looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try "application" instead of "software."
  • Start a new search.
Contact Us Sign in to Oracle Cloud

Database security

The threat to data has never been greater. Oracle Database helps reduce the risk of a data breach and simplifies regulatory compliance with security solutions for encryption and key management, granular access controls, flexible data masking, comprehensive activity monitoring, and sophisticated auditing capabilities.

Person standing on circular stones holding a spear and shield.
Learn about database security

Data drives every organization. Learn how data security solutions from Oracle work together to preserve the confidentiality, integrity, and availability of data stored in databases.

Recognized Leader: Database Security

Oracle again named the overall leader in the 2021 KuppingerCole Leadership Compass for Database and Big Data Security.

New ebook: Securing the Oracle Database, Fourth Edition

Explore all aspects of database security, including today’s threats, architectural diagrams, and how to use best practices to mitigate risks to sensitive data.

Why database security is critical

Mitigate risks from misconfigured databases

Databases are complex systems with hundreds of parameters, profile options, and configuration directives—an almost infinite combination of settings. A misconfigured database increases the risk of an exploit that gains unauthorized access. Oracle security solutions assess risks from security configurations and users and identify areas where those risks can be mitigated or eliminated.

See database security solutions

Render stolen data useless

Hackers can steal clear-text database data directly from the database, storage, exports, or backups. Most data privacy regulations require or encourage masking or encryption of data at-rest and in-motion. Oracle Database offers comprehensive encryption, key management, and masking capabilities that scale to enterprise-level workloads.

See database security solutions

Restrict unauthorized access by privileged users

Privileged users manage databases, but should all of them be able to access sensitive data? Reduce data breach risk from hackers or misuse of insider trust. Enforce separation of duties and prevent data theft, even from accounts with compromised passwords. Use context-sensitive security policies to control sensitive database options.

See database security solutions

Monitor access and demonstrate compliance

A breach can be blocked or mitigated if inappropriate access attempts are detected quickly. Audit database activities and monitor SQL queries in real-time. Use built-in and customized reports to address compliance requirements.

See database security solutions

Database security solutions

Assess security posture and risk profile

Misconfigured systems are a common contributor to data breaches. Unauthorized privileges and role grants can also lead to the loss or misuse of data. Assess hundreds of configuration settings for databases to quickly find security issues and mitigate any risks.

  • Establish a secure baseline configuration and detect drift from that configuration.
  • Monitor database accounts and quickly detect new accounts or changes to privileges for existing accounts.
  • Get recommendations on improving security with Oracle best practices, CIS benchmarks, DISA STIGs, and the EU General Data Protection Regulation (GDPR).
  • Mitigate risks by determining the exposure level and required security controls for the sensitive and personal data in your database.
  • Identify highly privileged users whose accounts could present critical risks to the database if compromised or misused.
Solutions

Encryption is a fundamental security technology

Without encrypting data in transit over the network, it’s too easy for bad actors to simply “sniff” the network traffic and view potentially sensitive data. Without encrypting data at rest inside the database, anyone who gains access to the underlying storage (including data files, backups, and database exports) can use file system tools to read the data directly, bypassing both access controls and audit policies. With Oracle encryption solutions, you can:

  • Reduce the impact of a data breach and noncompliance by encrypting data.
  • Improve manageability and resiliency by adopting proper key management.
Solutions
  • Oracle Advanced Security

    Oracle Advanced Security provides transparent data encryption (TDE) and data redaction. It is an integrated database option, so no installation is required. Data encryption is explicitly designed to be transparent to database sessions.

  • Oracle Key Vault

    Oracle Key Vault provides highly available key and secrets management.
    Watch the Key Vault video (8:31)


Eliminate risk in test and development environments

Attackers frequently target test and development environments because they know that these environments are usually less likely to be monitored and often do not carry the same level of data protection controls. Data masking eliminates risk by replacing sensitive data with masked, artificial data so that even if there is a breach, no real data is lost. Identify and mask sensitive data quickly using templates and libraries.

Solutions
  • Oracle Data Safe

    Oracle Data Safe is a cloud service that scans your database for sensitive data and masks that sensitive data in nonproduction systems, removing the security risk.
    Watch: Discover and Mask Sensitive Data with Data Safe (11:58)

  • Oracle Data Masking and Subsetting

    Oracle Data Masking and Subsetting is a pack for Oracle Enterprise Manager that scans your database for sensitive data and masks that data in nonproduction systems to remove security risk. Data Masking and Subsetting also creates reduced-size copies of your data to minimize storage costs in nonproduction systems.




Enforce the principle of least privilege

Almost all database breaches involve the use of compromised accounts. Hackers specifically target application service accounts and database administrators as they have unfettered, wide access to sensitive data. But with data access control, you can:

  • Enforce separation of duties to control access based on security privileges.
  • Identify sensitive data and ensure that administrators can manage the database, but not access the sensitive data.
  • Ensure that access is within the proper context, according to organizational policy, when access to sensitive data is allowed.
  • Control SQL commands and critical database operations based on multiple factors.
Solutions

Detect threats and monitor activity

In most cases, unauthorized access is discovered after an event—sometimes several months after the initial breach. During the time between breach and discovery, attackers can exfiltrate data from the database, increasing the amount of damage they cause. Early detection shrinks the time to exfiltrate data and reduces the severity of the breach. In some cases, early detection can prevent a data breach altogether.

Monitoring database activity supports investigations that can help identify what happened, when it happened, and what data was accessed. By auditing and monitoring user activity across Oracle (and other) databases and operating systems, you can:

  • Detect and block threats in database activity.
  • Simplify compliance reporting and help identify risky user behavior.
  • Comply with CIS benchmarks and DISA STIG auditing requirements.
  • Provision audit policies that balance the need to monitor activity with the impact of collecting and storing audit data.
Solutions

Get hands-on experience using Oracle security solutions with LiveLabs guided workshops.

View all customer successes

Oracle Database security customer successes

Oracle Database security customers leverage a wide range of solutions to protect sensitive data from internal and external threats and to simplify and accelerate compliance efforts.

Epsilon
Rakuten
MESTEC
Pragmatyxs
NOS
NATIONAL INFORMATION PROCESSING INSTITUTE
NRMA
SOHO MEDIA SOLUTIONS
Soho logo

SOHO Media Solutions Chooses Oracle Data Safe to Improve Database Security and Address GDPR Compliance

March 16, 2022

Oracle Data Safe Update Delivers a New Look and Enhanced Capabilities

Michael Mesaros, Director of Product Management, Database Security

Oracle Data Safe delivers essential data security services for Oracle Databases, both in the cloud and on-premises, all through an accessible, easy-to-use cloud-based interface that requires no installation or deployment. Since launching Data Safe over two years ago, the product team has added several new capabilities and features. With the latest update to Oracle Data Safe, we have completed the migration of all Data Safe features to the Oracle Cloud Infrastructure (OCI) console.

Featured blogs

View all

Resources

Cloud readiness

Introduction to Oracle Database security

Familiarize yourself with Oracle Database’s rich set of security features and options to manage user accounts, authentication, privileges, application security, encrypting data at rest and in motion, auditing, and more.

Documentation

Oracle Database security documentation

Explore Oracle’s robust documentation for database security to understand functionality, improve your own skills, and troubleshoot issues. Dedicated sections include access management, application security, data encryption and redaction, and more.

community

AskTOM database security Office Hours

AskTOM Office Hours offers free, open Q&A sessions with the database security product management team. Office Hours helps you fully leverage the multitude of enterprise-strength database security tools available to your organization.

Learning Library

Continuing database security education

Discover content based on category, product, or content type with Oracle Learning Library. You can also learn new skills to help you develop your career and even collaborate with other users.

Plan, Adopt, Innovate logo Plan, Adopt, Innovate

Oracle provides both the technology and the guidance you need to succeed at every step of your journey, from planning and adoption through to continuous innovation.

Get started


Try Data Safe at no cost

Oracle Cloud trial accounts include the ability to register one on-premises (or third-party cloud) database with Data Safe at no cost. Learn what Data Safe can do to simplify the work of securing your database.


Run the Database Security Assessment Tool

Quickly assess database security posture and get recommendations to mitigate risks.


Try the solutions for yourself

Explore the database security workshops on Oracle LiveLabs and try these solutions for yourself.


Contact sales

Talk to a team member about Oracle database security.