SlideShare a Scribd company logo

Ppt security-database-overview-11g r2

Oracle BH
Oracle BH
1 of 34
Download to read offline
<Insert Picture Here> Oracle Database Security Gabriel Trauvitch – Master Principal Solutions Specialist – Grid Architect Technology Presales – Greece & SEE
More Data Than Ever Growth Doubles Yearly 1,800 Exabytes 2006 2011 Source: IDC, 2008 2
Oracle Database Security Business Drivers Industrial Espionage Security Threats Identity Theft Insider Threats Data Consolidation Globalization Right Sourcing SOX HIPAA PCI Compliance Mandates EU FDA Basel II GLBA SB1386 Directives 3
More Breaches Than Ever Data Breach Once exposed, the data is out there – the bell can’t be un-rung PUBLICLY REPORTED DATA BREACHES 400 300 630% Increase 200 100 Total Personally Identifying Information Records Exposed 0 (Millions) 2005 2006 2007 2008 Average cost of a data breach $202 per record Average total cost exceeds $6.6 million per breach Source: DataLossDB, Ponemon Institute, 2009 4
More Threats Than Ever… 5
Market Overview: IT Security In 2009 There has been a clear and significant shift from what was the widely recognized state of security just a few years ago. Protecting the organization's information assets is the top issue facing security programs: data security (90%) is most often cited as an important or very important issue for IT security organizations, followed by application security (86%). Market Overview: IT Security In 2009 - Jonathan Penn, April 22, 2009 6
Data Security Challenges • What to secure? • Sensitive Data: Confidential, PII, regulatory • Data in packaged and custom applications • Secure Life cycle: creation, transit, storage, backup, test, transfer • Can we secure it now? • Secure using existing systems? • Transparent? • Loss, Unauthorized access, Separation of Duty • Will it meet business requirements? • Flexible, Transparent, Compliant? • Secures both custom and packaged applications? • Will it reduce operational cost? • Easy to manage? • Performant? 7
Oracle Database Security Defense-in-Depth for Security and Compliance Monitoring Audit Vault Total Configuration Management Recall Access Control Database Label Vault Security Encryption and Masking Advanced Data Secure Security Masking Backup 8
Oracle Database Security Defense-in-Depth for Security and Compliance Encryption and Masking Advanced Data Secure Security Masking Backup 9
Oracle Advanced Security Transparent Data Encryption Disk Backups Exports Application Off-Site Facilities • No application changes required • Efficient encryption of all application data • Built-in key lifecycle management • Works with Exadata V2 Smart Scans • Works with Oracle Advanced Compression 10
Oracle Advanced Security Network Encryption & Strong Authentication • Standard-based encryption for data in transit • Strong authentication of users and servers • No infrastructure changes required • Easy to implement 11
Oracle Secure Backup Integrated Tape or Cloud Backup Management • Secure data archival to tape or cloud • Easy to administer key management • Fastest Oracle Database tape backups • Leverage low-cost cloud storage 12
Oracle Data Masking Irreversible De-Identification Production Non-Production LAST_NAME SSN SALARY LAST_NAME SSN SALARY AGUILAR 203-33-3234 40,000 ANSKEKSL 111—23-1111 40,000 BENSON 323-22-2943 60,000 BKJHHEIEDK 222-34-1345 60,000 • Remove sensitive data from non-production databases • Referential integrity preserved so applications continue to work • Extensible template library and policies for automation 13
Large Credit Card Services Provider Cost Effective Encryption of Card Holder Data • Protect sensitive card holder data Business Challenges • Comply with PCI • Deployed Oracle Advanced Security TDE Solution Tablespace Encryption • Addressed internal and external requirements Business Results • Leveraged Oracle Advanced Security integration with Hardware Security Modules for network based management of TDE master encryption key 14
U.S. Pharmaceutical Tools Manufacturer Oracle Advanced Security Protects Sensitive Data • Worried about protection of intellectual Business Challenges property and sensitive employee data • Oracle Advanced Security TDE column encryption • Easy implementation within hours (Oracle Solution PeopleSoft) • TDE with HSM made corporate-wide standard • Average end-user responses time: +2.5 % • Cost effective and transparent implementation of data encryption with no application changes Business Results • Protection of sensitive data at rest and on backup media 15
EMEA-based Real Estate Company Data Masking Pack accelerated availability of production data for testing while improving DBA productivity • Custom scripts to mask sensitive data were not able to scale to meet growing data volumes Business Challenges • DBA team under increasing pressure to make production data available to for application testing within short time frames • Data Masking Pack delivered an out-of-the-box solution to replace custom database scripts Solution • High performance masking capabilities accelerated masking process from 6 hours using database scripts to 6 minutes using Data Masking Pack • 60 X performance improvement in masking process resulted in faster turnaround of test system creation Business Results • Improved DBA productivity by eliminating the requirement to maintain custom scripts 16
Oracle Database Security Defense-in-Depth for Security and Compliance Access Control Database Label Vault Security Encryption and Masking Advanced Data Secure Security Masking Backup 17
Oracle Database Vault Separation of Duties & Privileged User Controls Procurement DBA HR Application Finance select * from finance.customers • DBA separation of duties • Limit powers of privileged users • Securely consolidate application data • No application changes required • Works with Oracle Exadata V2 Database Machine 18
Oracle Database Vault Multi-Factor Access Control Policy Enforcement Procurement HR Application Rebates • Protect application data and prevent application by-pass • Enforce who, where, when, and how using rules and factors • Out-of-the box policies for Oracle applications, customizable 19
Oracle Label Security Data Classification for Access Control Sensitive Transactions Confidential Report Data Public Reports Confidential Sensitive • Classify users and data based on business drivers • Database enforced row level access control • Users classification through Oracle Identity Management Suite • Classification labels can be factors in other policies 20
Large US Based Global Bank Enable Secure Cost Effective Deployments • Outsource administration of multiple applications (E-Business Suite, PeopleSoft and other in-house and 3rd party applications) Business • “Cross Border” security controls to protect country-specific sensitive Challenges client data from DBA access in a different country • Deploy a security solution that is certified with applications and with minimal performance overhead • Deployed Oracle Database Vault on 18+ applications including E- Business Suite, PeopleSoft and other internal and 3rd party applications to prevent privileged user access to application data Solution • Used Database Vault multi-factor authorization to enforce cross- border access control and to prevent “Application Bypass” • Over 200K users accessing these systems globally • Saved over $15M a year by outsourcing/off-shoring backend Business administration operations Results • Addressed “Cross Border” security requirements • Passed external audit and avoided paying fines 21
Pharmaceutical Services Provider Protect Sensitive Customer Information and Address Regulations • Protect and secure the privacy of very sensitive customer medical data and employee data in PeopleSoft Business Challenges • Comply with internal policies and external regulations (HIPAA, SOX, Privacy Laws) • Prevent privileged user access to sensitive data • Deployed Oracle Database Vault with out-of-the-box Solution PeopleSoft protection policies • Took 14 days to go production • Complied with HIPAA and other privacy regulations • Passed external audit • Saved on consulting costs and deployment time by using Business Results the out-of-the-box Database Vault protection policies • Deployed Database Vault with minimal changes to existing internal processes and procedures 22
Large European Telecom Provider Enable Organization to Meet Regulations • Protect the privacy of sensitive client data in their telecom billing system Business • Meet internal, European Data Security Directive, and country-specific Challenges privacy requirements • Prevent tampering or deletion of database objects or database users • Used Database Vault Realms and Command Rules to prevent DBAs from accessing sensitive data • Used Command Rules to prevent tampering or deletion of database Solution objects or users • Used multi-factor authorization to prevent “Application Bypass” based on IP address • Secure the third party billing system without any application changes • Comply with internal, European, and country-specific privacy laws Business • Cost effective preventive controls against any tampering or deletion of Results database objects or users • Maintain good performance without buying additional hardware 23
Oracle Database Security Defense-in-Depth for Security and Compliance Monitoring Audit Vault Total Configuration Management Recall Access Control Database Label Vault Security Encryption and Masking Advanced Data Secure Security Masking Backup 24
Oracle Audit Vault Automated Activity Monitoring & Audit Reporting HR Data ! Alerts Built-in CRM Data Reports Audit Data Custom ERP Data Reports Databases Policies Auditor • Consolidate audit data into secure repository • Detect and alert on suspicious activities • Out-of-the box compliance reporting • Centralized audit policy management 25
Oracle Total Recall Secure Change Tracking select salary from emp AS OF TIMESTAMP '02-MAY-09 12.00 AM„ where emp.title = „admin‟ • Transparently track data changes • Efficient, tamper-resistant storage of archives • Real-time access to historical data • Enables forensics and error correction 26
Oracle Configuration Management Vulnerability Assessment & Secure Configuration Discover Classify Assess Prioritize Fix Monitor Asset Configuration Policy Vulnerability Analysis & Management Management Management Management Analytics & Audit • Database discovery • Continuous scanning against best practices • Detect and prevent unauthorized configuration changes • Change management compliance reports 27
European Healthcare Insurance Provider Simplified Reporting and Stronger Security • Internal and external database audit requirements across 10 Oracle and SQL Server databases Business Challenges • Took 3 months and 2 part time people to create the audit reports for yearly audit • No monitoring for insider threats • Oracle Audit Vault consolidated reporting on audit data from Oracle and SQL Server Solution • Oracle Audit Vault consolidation of audit data removed DBA from audit review process • Saved 100‟s of hours in report generations • Worked with auditors to create customized reports from the out-of-the box default reports for Business Results personalized content • Estimated return on investments in less than 18 months 28
Large Financial Services Provider Stronger Controls • Audit credit card transactions • 20+ production Oracle databases with native Business Challenges auditing already turned on • Need for reports and no resource or budget to create and review them • Oracle Audit Vault audit data collection and secure centralized storage Solution • Audit Vault proactively monitors privileged user access violations, failed database logins, and generates forensic data • Passed internal audits • Automated reporting on credit card transactions Business Results • Secure consolidation of audit data • Detected policy violations of database activity • Deployed in production in 3 months 29
Large European Telco Provider Address Telco Regulations on Call Records • Audit credit card transactions • 20+ production Oracle databases with native Business Challenges auditing already turned on • Need for reports and no resource or budget to create and review them • Oracle Audit Vault audit data collection and secure centralized storage Solution • Audit Vault proactively monitors privileged user access violations, failed database logins, and generates forensic data • Passed internal audits • Automated reporting on credit card transactions Business Results • Secure consolidation of audit data • Detected policy violations of database activity • Deployed in production in 3 months 30
Oracle Database Security Defense-in-Depth for Security and Compliance Monitoring Audit Vault Total Configuration Management Recall Access Control Database Label Vault Security Encryption and Masking Advanced Data Secure Security Masking Backup 31
For More Information search.oracle.com database security oracle.com/database/security 32
33
34

Recommended

Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdfPpt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdfMelody Liu
 
Autonomous Data Warehouse
Autonomous Data WarehouseAutonomous Data Warehouse
Autonomous Data WarehouseMarketingArrowECS_CZ
 
Oracle 12c Multitenant architecture
Oracle 12c Multitenant architectureOracle 12c Multitenant architecture
Oracle 12c Multitenant architecturenaderattia
 
Data Guard Architecture & Setup
Data Guard Architecture & SetupData Guard Architecture & Setup
Data Guard Architecture & SetupSatishbabu Gunukula
 
Oracle DB
Oracle DBOracle DB
Oracle DBR KRISHNA DEEKSHITH VINNAKOTA
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
Five_Things_You_Might_Not_Know_About_Oracle_Database_v2.pptx
Five_Things_You_Might_Not_Know_About_Oracle_Database_v2.pptxFive_Things_You_Might_Not_Know_About_Oracle_Database_v2.pptx
Five_Things_You_Might_Not_Know_About_Oracle_Database_v2.pptxMaria Colgan
 
AV/DF Advanced Security Option
AV/DF Advanced Security OptionAV/DF Advanced Security Option
AV/DF Advanced Security OptionDLT Solutions
 

Recommended

Ppt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdfPpt dbsec-oow2013-avdf
Ppt dbsec-oow2013-avdfMelody Liu
 
Autonomous Data Warehouse
Autonomous Data WarehouseAutonomous Data Warehouse
Autonomous Data WarehouseMarketingArrowECS_CZ
 
Oracle 12c Multitenant architecture
Oracle 12c Multitenant architectureOracle 12c Multitenant architecture
Oracle 12c Multitenant architecturenaderattia
 
Data Guard Architecture & Setup
Data Guard Architecture & SetupData Guard Architecture & Setup
Data Guard Architecture & SetupSatishbabu Gunukula
 
Oracle DB
Oracle DBOracle DB
Oracle DBR KRISHNA DEEKSHITH VINNAKOTA
 
Oracle Security Presentation
Oracle Security PresentationOracle Security Presentation
Oracle Security PresentationFrancisco Alvarez
 
Five_Things_You_Might_Not_Know_About_Oracle_Database_v2.pptx
Five_Things_You_Might_Not_Know_About_Oracle_Database_v2.pptxFive_Things_You_Might_Not_Know_About_Oracle_Database_v2.pptx
Five_Things_You_Might_Not_Know_About_Oracle_Database_v2.pptxMaria Colgan
 
AV/DF Advanced Security Option
AV/DF Advanced Security OptionAV/DF Advanced Security Option
AV/DF Advanced Security OptionDLT Solutions
 
Oracle Database 12c : Multitenant
Oracle Database 12c : MultitenantOracle Database 12c : Multitenant
Oracle Database 12c : MultitenantDigicomp Academy Suisse Romande SA
 
Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...
Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...
Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...solarisyougood
 
Why oracle data guard new features in oracle 18c, 19c
Why oracle data guard new features in oracle 18c, 19cWhy oracle data guard new features in oracle 18c, 19c
Why oracle data guard new features in oracle 18c, 19cSatishbabu Gunukula
 
Oracle Database Appliance Workshop
Oracle Database Appliance WorkshopOracle Database Appliance Workshop
Oracle Database Appliance WorkshopMarketingArrowECS_CZ
 
Introducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallIntroducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallTroy Kitch
 
DB12c: All You Need to Know About the Resource Manager
DB12c: All You Need to Know About the Resource ManagerDB12c: All You Need to Know About the Resource Manager
DB12c: All You Need to Know About the Resource ManagerAndrejs Vorobjovs
 
Oracle EBS R12.2 - Deployment and System Administration
Oracle EBS R12.2 - Deployment and System AdministrationOracle EBS R12.2 - Deployment and System Administration
Oracle EBS R12.2 - Deployment and System AdministrationMozammel Hoque
 
Introduction to oracle database (basic concepts)
Introduction to oracle database (basic concepts)Introduction to oracle database (basic concepts)
Introduction to oracle database (basic concepts)Bilal Arshad
 
Snowflake Best Practices for Elastic Data Warehousing
Snowflake Best Practices for Elastic Data WarehousingSnowflake Best Practices for Elastic Data Warehousing
Snowflake Best Practices for Elastic Data WarehousingAmazon Web Services
 
What to Expect From Oracle database 19c
What to Expect From Oracle database 19cWhat to Expect From Oracle database 19c
What to Expect From Oracle database 19cMaria Colgan
 
Less05 asm instance
Less05 asm instanceLess05 asm instance
Less05 asm instanceAmit Bhalla
 
Oracle RAC features on Exadata
Oracle RAC features on ExadataOracle RAC features on Exadata
Oracle RAC features on ExadataAnil Nair
 
Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2
Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2
Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2Tanel Poder
 
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best PracticesOracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best PracticesMarkus Michalewicz
 
Convert single instance to RAC
Convert single instance to RACConvert single instance to RAC
Convert single instance to RACSatishbabu Gunukula
 
Presentation database security audit vault & database firewall
Presentation database security audit vault & database firewallPresentation database security audit vault & database firewall
Presentation database security audit vault & database firewallxKinAnx
 
"It can always get worse!" – Lessons Learned in over 20 years working with Or...
"It can always get worse!" – Lessons Learned in over 20 years working with Or..."It can always get worse!" – Lessons Learned in over 20 years working with Or...
"It can always get worse!" – Lessons Learned in over 20 years working with Or...Markus Michalewicz
 
Oracle SQL Developer Tips and Tricks: Data Edition
Oracle SQL Developer Tips and Tricks: Data EditionOracle SQL Developer Tips and Tricks: Data Edition
Oracle SQL Developer Tips and Tricks: Data EditionJeff Smith
 
Introduction to Oracle Cloud
Introduction to Oracle CloudIntroduction to Oracle Cloud
Introduction to Oracle Cloudjohnnhernandez
 
OLAP technology
OLAP technologyOLAP technology
OLAP technologyDr. Mahendra Srivastava
 
Best Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsBest Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsEstuate, Inc.
 
Oracle database 12c security and compliance
Oracle database 12c security and complianceOracle database 12c security and compliance
Oracle database 12c security and complianceFITSFSd
 

More Related Content

What's hot

Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...
Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...
Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...solarisyougood
 
Why oracle data guard new features in oracle 18c, 19c
Why oracle data guard new features in oracle 18c, 19cWhy oracle data guard new features in oracle 18c, 19c
Why oracle data guard new features in oracle 18c, 19cSatishbabu Gunukula
 
Oracle Database Appliance Workshop
Oracle Database Appliance WorkshopOracle Database Appliance Workshop
Oracle Database Appliance WorkshopMarketingArrowECS_CZ
 
Introducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallIntroducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallTroy Kitch
 
DB12c: All You Need to Know About the Resource Manager
DB12c: All You Need to Know About the Resource ManagerDB12c: All You Need to Know About the Resource Manager
DB12c: All You Need to Know About the Resource ManagerAndrejs Vorobjovs
 
Oracle EBS R12.2 - Deployment and System Administration
Oracle EBS R12.2 - Deployment and System AdministrationOracle EBS R12.2 - Deployment and System Administration
Oracle EBS R12.2 - Deployment and System AdministrationMozammel Hoque
 
Introduction to oracle database (basic concepts)
Introduction to oracle database (basic concepts)Introduction to oracle database (basic concepts)
Introduction to oracle database (basic concepts)Bilal Arshad
 
Snowflake Best Practices for Elastic Data Warehousing
Snowflake Best Practices for Elastic Data WarehousingSnowflake Best Practices for Elastic Data Warehousing
Snowflake Best Practices for Elastic Data WarehousingAmazon Web Services
 
What to Expect From Oracle database 19c
What to Expect From Oracle database 19cWhat to Expect From Oracle database 19c
What to Expect From Oracle database 19cMaria Colgan
 
Less05 asm instance
Less05 asm instanceLess05 asm instance
Less05 asm instanceAmit Bhalla
 
Oracle RAC features on Exadata
Oracle RAC features on ExadataOracle RAC features on Exadata
Oracle RAC features on ExadataAnil Nair
 
Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2
Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2
Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2Tanel Poder
 
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best PracticesOracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best PracticesMarkus Michalewicz
 
Presentation database security audit vault & database firewall
Presentation database security audit vault & database firewallPresentation database security audit vault & database firewall
Presentation database security audit vault & database firewallxKinAnx
 
"It can always get worse!" – Lessons Learned in over 20 years working with Or...
"It can always get worse!" – Lessons Learned in over 20 years working with Or..."It can always get worse!" – Lessons Learned in over 20 years working with Or...
"It can always get worse!" – Lessons Learned in over 20 years working with Or...Markus Michalewicz
 
Oracle SQL Developer Tips and Tricks: Data Edition
Oracle SQL Developer Tips and Tricks: Data EditionOracle SQL Developer Tips and Tricks: Data Edition
Oracle SQL Developer Tips and Tricks: Data EditionJeff Smith
 
Introduction to Oracle Cloud
Introduction to Oracle CloudIntroduction to Oracle Cloud
Introduction to Oracle Cloudjohnnhernandez
 

What's hot (20)

Oracle Database 12c : Multitenant
Oracle Database 12c : MultitenantOracle Database 12c : Multitenant
Oracle Database 12c : Multitenant
 
Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...
Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...
Presentation upgrade, migrate &amp; consolidate to oracle database 12c &amp...
 
Why oracle data guard new features in oracle 18c, 19c
Why oracle data guard new features in oracle 18c, 19cWhy oracle data guard new features in oracle 18c, 19c
Why oracle data guard new features in oracle 18c, 19c
 
Oracle Database Appliance Workshop
Oracle Database Appliance WorkshopOracle Database Appliance Workshop
Oracle Database Appliance Workshop
 
Introducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database FirewallIntroducing Oracle Audit Vault and Database Firewall
Introducing Oracle Audit Vault and Database Firewall
 
DB12c: All You Need to Know About the Resource Manager
DB12c: All You Need to Know About the Resource ManagerDB12c: All You Need to Know About the Resource Manager
DB12c: All You Need to Know About the Resource Manager
 
Oracle EBS R12.2 - Deployment and System Administration
Oracle EBS R12.2 - Deployment and System AdministrationOracle EBS R12.2 - Deployment and System Administration
Oracle EBS R12.2 - Deployment and System Administration
 
Introduction to oracle database (basic concepts)
Introduction to oracle database (basic concepts)Introduction to oracle database (basic concepts)
Introduction to oracle database (basic concepts)
 
Snowflake Best Practices for Elastic Data Warehousing
Snowflake Best Practices for Elastic Data WarehousingSnowflake Best Practices for Elastic Data Warehousing
Snowflake Best Practices for Elastic Data Warehousing
 
What to Expect From Oracle database 19c
What to Expect From Oracle database 19cWhat to Expect From Oracle database 19c
What to Expect From Oracle database 19c
 
Less05 asm instance
Less05 asm instanceLess05 asm instance
Less05 asm instance
 
Oracle RAC features on Exadata
Oracle RAC features on ExadataOracle RAC features on Exadata
Oracle RAC features on Exadata
 
Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2
Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2
Tanel Poder - Troubleshooting Complex Oracle Performance Issues - Part 2
 
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best PracticesOracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
Oracle Real Application Clusters (RAC) 12c Rel. 2 - Operational Best Practices
 
Convert single instance to RAC
Convert single instance to RACConvert single instance to RAC
Convert single instance to RAC
 
Presentation database security audit vault & database firewall
Presentation database security audit vault & database firewallPresentation database security audit vault & database firewall
Presentation database security audit vault & database firewall
 
"It can always get worse!" – Lessons Learned in over 20 years working with Or...
"It can always get worse!" – Lessons Learned in over 20 years working with Or..."It can always get worse!" – Lessons Learned in over 20 years working with Or...
"It can always get worse!" – Lessons Learned in over 20 years working with Or...
 
Oracle SQL Developer Tips and Tricks: Data Edition
Oracle SQL Developer Tips and Tricks: Data EditionOracle SQL Developer Tips and Tricks: Data Edition
Oracle SQL Developer Tips and Tricks: Data Edition
 
Introduction to Oracle Cloud
Introduction to Oracle CloudIntroduction to Oracle Cloud
Introduction to Oracle Cloud
 
OLAP technology
OLAP technologyOLAP technology
OLAP technology
 

Similar to Ppt security-database-overview-11g r2

Best Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsBest Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsEstuate, Inc.
 
Oracle database 12c security and compliance
Oracle database 12c security and complianceOracle database 12c security and compliance
Oracle database 12c security and complianceFITSFSd
 
5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_security5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_securityDoina Draganescu
 
Tänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraTänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraORACLE USER GROUP ESTONIA
 
Windows 7 security enhancements
Windows 7 security enhancementsWindows 7 security enhancements
Windows 7 security enhancementsNarenda Wicaksono
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityInternap
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentationstefanjung
 
Trend micro data protection
Trend micro data protectionTrend micro data protection
Trend micro data protectionAndrew Wong
 
Oracle Sparc Cloud
Oracle Sparc CloudOracle Sparc Cloud
Oracle Sparc CloudErnest Jones
 
Sustainable Compliance For PCI DSS Standard
Sustainable Compliance For PCI DSS StandardSustainable Compliance For PCI DSS Standard
Sustainable Compliance For PCI DSS StandardChristian Frahm
 
The Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdfThe Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdfDomain News Tech
 
Hadoop World 2011: Security Considerations for Hadoop Deployments - Jeremy Gl...
Hadoop World 2011: Security Considerations for Hadoop Deployments - Jeremy Gl...Hadoop World 2011: Security Considerations for Hadoop Deployments - Jeremy Gl...
Hadoop World 2011: Security Considerations for Hadoop Deployments - Jeremy Gl...Cloudera, Inc.
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteEdgar Alejandro Villegas
 
Oracle 11g security - 2014
Oracle 11g security - 2014Oracle 11g security - 2014
Oracle 11g security - 2014Connor McDonald
 
Who owns security in the cloud
Who owns security in the cloudWho owns security in the cloud
Who owns security in the cloudTrend Micro
 
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...Denodo
 
Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Ulf Mattsson
 

Similar to Ppt security-database-overview-11g r2 (20)

Best Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security ProductsBest Practices in Implementing Oracle Database Security Products
Best Practices in Implementing Oracle Database Security Products
 
Oracle database 12c security and compliance
Oracle database 12c security and complianceOracle database 12c security and compliance
Oracle database 12c security and compliance
 
5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_security5. 2010 11-03 bucharest oracle-tech_day_security
5. 2010 11-03 bucharest oracle-tech_day_security
 
Tänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraTänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi Tara
 
Windows 7 security enhancements
Windows 7 security enhancementsWindows 7 security enhancements
Windows 7 security enhancements
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
 
Oracle-Security_Executive-Presentation
Oracle-Security_Executive-PresentationOracle-Security_Executive-Presentation
Oracle-Security_Executive-Presentation
 
Trend micro data protection
Trend micro data protectionTrend micro data protection
Trend micro data protection
 
Oracle Sparc Cloud
Oracle Sparc CloudOracle Sparc Cloud
Oracle Sparc Cloud
 
Sustainable Compliance For PCI DSS Standard
Sustainable Compliance For PCI DSS StandardSustainable Compliance For PCI DSS Standard
Sustainable Compliance For PCI DSS Standard
 
Sw keynote
Sw keynoteSw keynote
Sw keynote
 
The Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdfThe Benefits of Having a Data Privacy Vault Tech domain news.pdf
The Benefits of Having a Data Privacy Vault Tech domain news.pdf
 
Hadoop World 2011: Security Considerations for Hadoop Deployments - Jeremy Gl...
Hadoop World 2011: Security Considerations for Hadoop Deployments - Jeremy Gl...Hadoop World 2011: Security Considerations for Hadoop Deployments - Jeremy Gl...
Hadoop World 2011: Security Considerations for Hadoop Deployments - Jeremy Gl...
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom KyteOracle Database 11g Security and Compliance Solutions - By Tom Kyte
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
 
Oracle 11g security - 2014
Oracle 11g security - 2014Oracle 11g security - 2014
Oracle 11g security - 2014
 
On Demand Cloud Services Coury
On Demand Cloud Services CouryOn Demand Cloud Services Coury
On Demand Cloud Services Coury
 
Securityinsideout
SecurityinsideoutSecurityinsideout
Securityinsideout
 
Who owns security in the cloud
Who owns security in the cloudWho owns security in the cloud
Who owns security in the cloud
 
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
Cryptographie avancée et Logical Data Fabric : Accélérez le partage et la mig...
 
Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...
 

More from Oracle BH

2 d4.poslovna analitika_160410
2 d4.poslovna analitika_1604102 d4.poslovna analitika_160410
2 d4.poslovna analitika_160410Oracle BH
 
2 d3.javne nabavke_neum160410
2 d3.javne nabavke_neum1604102 d3.javne nabavke_neum160410
2 d3.javne nabavke_neum160410Oracle BH
 
2 d2.casemgmt
2 d2.casemgmt2 d2.casemgmt
2 d2.casemgmtOracle BH
 
2 d1.hcm neum_160410
2 d1.hcm neum_1604102 d1.hcm neum_160410
2 d1.hcm neum_160410Oracle BH
 
1 d3.cob neum150410
1 d3.cob neum1504101 d3.cob neum150410
1 d3.cob neum150410Oracle BH
 
1 d2.an neum_bh_treasury_systems_development_perspectives_v1.0
1 d2.an neum_bh_treasury_systems_development_perspectives_v1.01 d2.an neum_bh_treasury_systems_development_perspectives_v1.0
1 d2.an neum_bh_treasury_systems_development_perspectives_v1.0Oracle BH
 
1 d1.reforma it_u_javnoj_upravi
1 d1.reforma it_u_javnoj_upravi1 d1.reforma it_u_javnoj_upravi
1 d1.reforma it_u_javnoj_upraviOracle BH
 
Sun welcome middleware_overview 0324101_bosnia
Sun welcome middleware_overview 0324101_bosniaSun welcome middleware_overview 0324101_bosnia
Sun welcome middleware_overview 0324101_bosniaOracle BH
 
Sun welcome middleware_overview 0324101_bosnia(2)
Sun welcome middleware_overview 0324101_bosnia(2)Sun welcome middleware_overview 0324101_bosnia(2)
Sun welcome middleware_overview 0324101_bosnia(2)Oracle BH
 
Exadata 11-2-overview-v2 11
Exadata 11-2-overview-v2 11Exadata 11-2-overview-v2 11
Exadata 11-2-overview-v2 11Oracle BH
 
Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle BH
 
Oracle tech fmw-04-sun-virtualization.and.solaris-neum-16.04.2010
Oracle tech fmw-04-sun-virtualization.and.solaris-neum-16.04.2010Oracle tech fmw-04-sun-virtualization.and.solaris-neum-16.04.2010
Oracle tech fmw-04-sun-virtualization.and.solaris-neum-16.04.2010Oracle BH
 
Oracle tech fmw-03-cloud-computing-neum-15.04.2010
Oracle tech fmw-03-cloud-computing-neum-15.04.2010Oracle tech fmw-03-cloud-computing-neum-15.04.2010
Oracle tech fmw-03-cloud-computing-neum-15.04.2010Oracle BH
 
Oracle tech fmw-02-soa-suite-11g-neum-15.04.2010
Oracle tech fmw-02-soa-suite-11g-neum-15.04.2010Oracle tech fmw-02-soa-suite-11g-neum-15.04.2010
Oracle tech fmw-02-soa-suite-11g-neum-15.04.2010Oracle BH
 
Oracle tech db-05-sun-servers.and.storage-16.04.2010
Oracle tech db-05-sun-servers.and.storage-16.04.2010Oracle tech db-05-sun-servers.and.storage-16.04.2010
Oracle tech db-05-sun-servers.and.storage-16.04.2010Oracle BH
 
Oracle tech db-04-cost-effective-neum-16.04.2010
Oracle tech db-04-cost-effective-neum-16.04.2010Oracle tech db-04-cost-effective-neum-16.04.2010
Oracle tech db-04-cost-effective-neum-16.04.2010Oracle BH
 
Oracle tech db-02-hacking-neum-15.04.2010
Oracle tech db-02-hacking-neum-15.04.2010Oracle tech db-02-hacking-neum-15.04.2010
Oracle tech db-02-hacking-neum-15.04.2010Oracle BH
 

More from Oracle BH (17)

2 d4.poslovna analitika_160410
2 d4.poslovna analitika_1604102 d4.poslovna analitika_160410
2 d4.poslovna analitika_160410
 
2 d3.javne nabavke_neum160410
2 d3.javne nabavke_neum1604102 d3.javne nabavke_neum160410
2 d3.javne nabavke_neum160410
 
2 d2.casemgmt
2 d2.casemgmt2 d2.casemgmt
2 d2.casemgmt
 
2 d1.hcm neum_160410
2 d1.hcm neum_1604102 d1.hcm neum_160410
2 d1.hcm neum_160410
 
1 d3.cob neum150410
1 d3.cob neum1504101 d3.cob neum150410
1 d3.cob neum150410
 
1 d2.an neum_bh_treasury_systems_development_perspectives_v1.0
1 d2.an neum_bh_treasury_systems_development_perspectives_v1.01 d2.an neum_bh_treasury_systems_development_perspectives_v1.0
1 d2.an neum_bh_treasury_systems_development_perspectives_v1.0
 
1 d1.reforma it_u_javnoj_upravi
1 d1.reforma it_u_javnoj_upravi1 d1.reforma it_u_javnoj_upravi
1 d1.reforma it_u_javnoj_upravi
 
Sun welcome middleware_overview 0324101_bosnia
Sun welcome middleware_overview 0324101_bosniaSun welcome middleware_overview 0324101_bosnia
Sun welcome middleware_overview 0324101_bosnia
 
Sun welcome middleware_overview 0324101_bosnia(2)
Sun welcome middleware_overview 0324101_bosnia(2)Sun welcome middleware_overview 0324101_bosnia(2)
Sun welcome middleware_overview 0324101_bosnia(2)
 
Exadata 11-2-overview-v2 11
Exadata 11-2-overview-v2 11Exadata 11-2-overview-v2 11
Exadata 11-2-overview-v2 11
 
Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010
 
Oracle tech fmw-04-sun-virtualization.and.solaris-neum-16.04.2010
Oracle tech fmw-04-sun-virtualization.and.solaris-neum-16.04.2010Oracle tech fmw-04-sun-virtualization.and.solaris-neum-16.04.2010
Oracle tech fmw-04-sun-virtualization.and.solaris-neum-16.04.2010
 
Oracle tech fmw-03-cloud-computing-neum-15.04.2010
Oracle tech fmw-03-cloud-computing-neum-15.04.2010Oracle tech fmw-03-cloud-computing-neum-15.04.2010
Oracle tech fmw-03-cloud-computing-neum-15.04.2010
 
Oracle tech fmw-02-soa-suite-11g-neum-15.04.2010
Oracle tech fmw-02-soa-suite-11g-neum-15.04.2010Oracle tech fmw-02-soa-suite-11g-neum-15.04.2010
Oracle tech fmw-02-soa-suite-11g-neum-15.04.2010
 
Oracle tech db-05-sun-servers.and.storage-16.04.2010
Oracle tech db-05-sun-servers.and.storage-16.04.2010Oracle tech db-05-sun-servers.and.storage-16.04.2010
Oracle tech db-05-sun-servers.and.storage-16.04.2010
 
Oracle tech db-04-cost-effective-neum-16.04.2010
Oracle tech db-04-cost-effective-neum-16.04.2010Oracle tech db-04-cost-effective-neum-16.04.2010
Oracle tech db-04-cost-effective-neum-16.04.2010
 
Oracle tech db-02-hacking-neum-15.04.2010
Oracle tech db-02-hacking-neum-15.04.2010Oracle tech db-02-hacking-neum-15.04.2010
Oracle tech db-02-hacking-neum-15.04.2010
 

Ppt security-database-overview-11g r2

  • 1. <Insert Picture Here> Oracle Database Security Gabriel Trauvitch – Master Principal Solutions Specialist – Grid Architect Technology Presales – Greece & SEE
  • 2. More Data Than Ever Growth Doubles Yearly 1,800 Exabytes 2006 2011 Source: IDC, 2008 2
  • 3. Oracle Database Security Business Drivers Industrial Espionage Security Threats Identity Theft Insider Threats Data Consolidation Globalization Right Sourcing SOX HIPAA PCI Compliance Mandates EU FDA Basel II GLBA SB1386 Directives 3
  • 4. More Breaches Than Ever Data Breach Once exposed, the data is out there – the bell can’t be un-rung PUBLICLY REPORTED DATA BREACHES 400 300 630% Increase 200 100 Total Personally Identifying Information Records Exposed 0 (Millions) 2005 2006 2007 2008 Average cost of a data breach $202 per record Average total cost exceeds $6.6 million per breach Source: DataLossDB, Ponemon Institute, 2009 4
  • 5. More Threats Than Ever… 5
  • 6. Market Overview: IT Security In 2009 There has been a clear and significant shift from what was the widely recognized state of security just a few years ago. Protecting the organization's information assets is the top issue facing security programs: data security (90%) is most often cited as an important or very important issue for IT security organizations, followed by application security (86%). Market Overview: IT Security In 2009 - Jonathan Penn, April 22, 2009 6
  • 7. Data Security Challenges • What to secure? • Sensitive Data: Confidential, PII, regulatory • Data in packaged and custom applications • Secure Life cycle: creation, transit, storage, backup, test, transfer • Can we secure it now? • Secure using existing systems? • Transparent? • Loss, Unauthorized access, Separation of Duty • Will it meet business requirements? • Flexible, Transparent, Compliant? • Secures both custom and packaged applications? • Will it reduce operational cost? • Easy to manage? • Performant? 7
  • 8. Oracle Database Security Defense-in-Depth for Security and Compliance Monitoring Audit Vault Total Configuration Management Recall Access Control Database Label Vault Security Encryption and Masking Advanced Data Secure Security Masking Backup 8
  • 9. Oracle Database Security Defense-in-Depth for Security and Compliance Encryption and Masking Advanced Data Secure Security Masking Backup 9
  • 10. Oracle Advanced Security Transparent Data Encryption Disk Backups Exports Application Off-Site Facilities • No application changes required • Efficient encryption of all application data • Built-in key lifecycle management • Works with Exadata V2 Smart Scans • Works with Oracle Advanced Compression 10
  • 11. Oracle Advanced Security Network Encryption & Strong Authentication • Standard-based encryption for data in transit • Strong authentication of users and servers • No infrastructure changes required • Easy to implement 11
  • 12. Oracle Secure Backup Integrated Tape or Cloud Backup Management • Secure data archival to tape or cloud • Easy to administer key management • Fastest Oracle Database tape backups • Leverage low-cost cloud storage 12
  • 13. Oracle Data Masking Irreversible De-Identification Production Non-Production LAST_NAME SSN SALARY LAST_NAME SSN SALARY AGUILAR 203-33-3234 40,000 ANSKEKSL 111—23-1111 40,000 BENSON 323-22-2943 60,000 BKJHHEIEDK 222-34-1345 60,000 • Remove sensitive data from non-production databases • Referential integrity preserved so applications continue to work • Extensible template library and policies for automation 13
  • 14. Large Credit Card Services Provider Cost Effective Encryption of Card Holder Data • Protect sensitive card holder data Business Challenges • Comply with PCI • Deployed Oracle Advanced Security TDE Solution Tablespace Encryption • Addressed internal and external requirements Business Results • Leveraged Oracle Advanced Security integration with Hardware Security Modules for network based management of TDE master encryption key 14
  • 15. U.S. Pharmaceutical Tools Manufacturer Oracle Advanced Security Protects Sensitive Data • Worried about protection of intellectual Business Challenges property and sensitive employee data • Oracle Advanced Security TDE column encryption • Easy implementation within hours (Oracle Solution PeopleSoft) • TDE with HSM made corporate-wide standard • Average end-user responses time: +2.5 % • Cost effective and transparent implementation of data encryption with no application changes Business Results • Protection of sensitive data at rest and on backup media 15
  • 16. EMEA-based Real Estate Company Data Masking Pack accelerated availability of production data for testing while improving DBA productivity • Custom scripts to mask sensitive data were not able to scale to meet growing data volumes Business Challenges • DBA team under increasing pressure to make production data available to for application testing within short time frames • Data Masking Pack delivered an out-of-the-box solution to replace custom database scripts Solution • High performance masking capabilities accelerated masking process from 6 hours using database scripts to 6 minutes using Data Masking Pack • 60 X performance improvement in masking process resulted in faster turnaround of test system creation Business Results • Improved DBA productivity by eliminating the requirement to maintain custom scripts 16
  • 17. Oracle Database Security Defense-in-Depth for Security and Compliance Access Control Database Label Vault Security Encryption and Masking Advanced Data Secure Security Masking Backup 17
  • 18. Oracle Database Vault Separation of Duties & Privileged User Controls Procurement DBA HR Application Finance select * from finance.customers • DBA separation of duties • Limit powers of privileged users • Securely consolidate application data • No application changes required • Works with Oracle Exadata V2 Database Machine 18
  • 19. Oracle Database Vault Multi-Factor Access Control Policy Enforcement Procurement HR Application Rebates • Protect application data and prevent application by-pass • Enforce who, where, when, and how using rules and factors • Out-of-the box policies for Oracle applications, customizable 19
  • 20. Oracle Label Security Data Classification for Access Control Sensitive Transactions Confidential Report Data Public Reports Confidential Sensitive • Classify users and data based on business drivers • Database enforced row level access control • Users classification through Oracle Identity Management Suite • Classification labels can be factors in other policies 20
  • 21. Large US Based Global Bank Enable Secure Cost Effective Deployments • Outsource administration of multiple applications (E-Business Suite, PeopleSoft and other in-house and 3rd party applications) Business • “Cross Border” security controls to protect country-specific sensitive Challenges client data from DBA access in a different country • Deploy a security solution that is certified with applications and with minimal performance overhead • Deployed Oracle Database Vault on 18+ applications including E- Business Suite, PeopleSoft and other internal and 3rd party applications to prevent privileged user access to application data Solution • Used Database Vault multi-factor authorization to enforce cross- border access control and to prevent “Application Bypass” • Over 200K users accessing these systems globally • Saved over $15M a year by outsourcing/off-shoring backend Business administration operations Results • Addressed “Cross Border” security requirements • Passed external audit and avoided paying fines 21
  • 22. Pharmaceutical Services Provider Protect Sensitive Customer Information and Address Regulations • Protect and secure the privacy of very sensitive customer medical data and employee data in PeopleSoft Business Challenges • Comply with internal policies and external regulations (HIPAA, SOX, Privacy Laws) • Prevent privileged user access to sensitive data • Deployed Oracle Database Vault with out-of-the-box Solution PeopleSoft protection policies • Took 14 days to go production • Complied with HIPAA and other privacy regulations • Passed external audit • Saved on consulting costs and deployment time by using Business Results the out-of-the-box Database Vault protection policies • Deployed Database Vault with minimal changes to existing internal processes and procedures 22
  • 23. Large European Telecom Provider Enable Organization to Meet Regulations • Protect the privacy of sensitive client data in their telecom billing system Business • Meet internal, European Data Security Directive, and country-specific Challenges privacy requirements • Prevent tampering or deletion of database objects or database users • Used Database Vault Realms and Command Rules to prevent DBAs from accessing sensitive data • Used Command Rules to prevent tampering or deletion of database Solution objects or users • Used multi-factor authorization to prevent “Application Bypass” based on IP address • Secure the third party billing system without any application changes • Comply with internal, European, and country-specific privacy laws Business • Cost effective preventive controls against any tampering or deletion of Results database objects or users • Maintain good performance without buying additional hardware 23
  • 24. Oracle Database Security Defense-in-Depth for Security and Compliance Monitoring Audit Vault Total Configuration Management Recall Access Control Database Label Vault Security Encryption and Masking Advanced Data Secure Security Masking Backup 24
  • 25. Oracle Audit Vault Automated Activity Monitoring & Audit Reporting HR Data ! Alerts Built-in CRM Data Reports Audit Data Custom ERP Data Reports Databases Policies Auditor • Consolidate audit data into secure repository • Detect and alert on suspicious activities • Out-of-the box compliance reporting • Centralized audit policy management 25
  • 26. Oracle Total Recall Secure Change Tracking select salary from emp AS OF TIMESTAMP '02-MAY-09 12.00 AM„ where emp.title = „admin‟ • Transparently track data changes • Efficient, tamper-resistant storage of archives • Real-time access to historical data • Enables forensics and error correction 26
  • 27. Oracle Configuration Management Vulnerability Assessment & Secure Configuration Discover Classify Assess Prioritize Fix Monitor Asset Configuration Policy Vulnerability Analysis & Management Management Management Management Analytics & Audit • Database discovery • Continuous scanning against best practices • Detect and prevent unauthorized configuration changes • Change management compliance reports 27
  • 28. European Healthcare Insurance Provider Simplified Reporting and Stronger Security • Internal and external database audit requirements across 10 Oracle and SQL Server databases Business Challenges • Took 3 months and 2 part time people to create the audit reports for yearly audit • No monitoring for insider threats • Oracle Audit Vault consolidated reporting on audit data from Oracle and SQL Server Solution • Oracle Audit Vault consolidation of audit data removed DBA from audit review process • Saved 100‟s of hours in report generations • Worked with auditors to create customized reports from the out-of-the box default reports for Business Results personalized content • Estimated return on investments in less than 18 months 28
  • 29. Large Financial Services Provider Stronger Controls • Audit credit card transactions • 20+ production Oracle databases with native Business Challenges auditing already turned on • Need for reports and no resource or budget to create and review them • Oracle Audit Vault audit data collection and secure centralized storage Solution • Audit Vault proactively monitors privileged user access violations, failed database logins, and generates forensic data • Passed internal audits • Automated reporting on credit card transactions Business Results • Secure consolidation of audit data • Detected policy violations of database activity • Deployed in production in 3 months 29
  • 30. Large European Telco Provider Address Telco Regulations on Call Records • Audit credit card transactions • 20+ production Oracle databases with native Business Challenges auditing already turned on • Need for reports and no resource or budget to create and review them • Oracle Audit Vault audit data collection and secure centralized storage Solution • Audit Vault proactively monitors privileged user access violations, failed database logins, and generates forensic data • Passed internal audits • Automated reporting on credit card transactions Business Results • Secure consolidation of audit data • Detected policy violations of database activity • Deployed in production in 3 months 30
  • 31. Oracle Database Security Defense-in-Depth for Security and Compliance Monitoring Audit Vault Total Configuration Management Recall Access Control Database Label Vault Security Encryption and Masking Advanced Data Secure Security Masking Backup 31
  • 32. For More Information search.oracle.com database security oracle.com/database/security 32
  • 33. 33
  • 34. 34