This document outlines Oracle's product direction for data security at the source in public and private sectors. It discusses business drivers for security such as governance, risk management and compliance needs as well as security threats. It then describes Oracle's database security solutions like Transparent Data Encryption, Database Vault, and Audit Vault that secure data at rest, in motion and for testing. Case studies show how customers in various industries like banking, telecom, and public sectors have implemented Oracle's database security to protect sensitive data and comply with regulations. The document concludes that Oracle's database security solutions provide a preventive and detective approach to protect data at the source.
Introducing Oracle Audit Vault and Database FirewallTroy Kitch
Join us to hear about a new Oracle product that monitors Oracle and non-Oracle database traffic, detects unauthorized activity including SQL injection attacks, and blocks internal and external threats from reaching the database. In addition this new product collects and consolidates audit data from databases, operating systems, directories, and any custom template-defined source into a centralized, secure warehouse. This new enterprise security monitoring and auditing platform allows organizations to quickly detect and respond to threats with powerful real-time policy analysis, alerting and reporting capabilities. Based on proven SQL grammar analysis that ensures accuracy, performance, and scalability, organizations can deploy with confidence in any mode. You will also hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle today to monitor and secure their Oracle and non-Oracle database environments.
Introducing Oracle Audit Vault and Database FirewallTroy Kitch
Join us to hear about a new Oracle product that monitors Oracle and non-Oracle database traffic, detects unauthorized activity including SQL injection attacks, and blocks internal and external threats from reaching the database. In addition this new product collects and consolidates audit data from databases, operating systems, directories, and any custom template-defined source into a centralized, secure warehouse. This new enterprise security monitoring and auditing platform allows organizations to quickly detect and respond to threats with powerful real-time policy analysis, alerting and reporting capabilities. Based on proven SQL grammar analysis that ensures accuracy, performance, and scalability, organizations can deploy with confidence in any mode. You will also hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle today to monitor and secure their Oracle and non-Oracle database environments.
From the outset, Oracle has delivered the industry's most advanced technology to safeguard data where it lives—in the database. Oracle provides a comprehensive portfolio of security solutions to ensure data privacy, protect against insider threats, and enable regulatory compliance for both Oracle and non-Oracle Databases. With Oracle's powerful database activity monitoring and blocking, privileged user and multi-factor access control, data classification, transparent data encryption, consolidated auditing and reporting, secure configuration management, and data masking, customers can deploy reliable data security solutions that do not require any changes to existing applications, saving time and money.
How to Migrate from Oracle to EDB PostgresAshnikbiz
Are you planning to move from Oracle to a preferred enterprise open source database technology like Postgres? Watch this webinar to overcome the challenges you will face during the migration process.
Factors You Should Consider if Building an IIoT SolutionLaird Connectivity
Connected solutions can generate useful insights, but in between your things, the internet, and the insights are vast combinations of specialized technologies and complexities that you must navigate in order to deliver an effective, profitable, scalable system.
In this webinar, technical experts from Laird Connectivity will examine the top five factors you need to consider when implementing an enterprise-grade, revenue-generating IoT solution.
Learn about:
-Top IoT Challenges
-Architecting Your IoT Solution
-Choosing a Connectivity Option
-Selecting a Cloud Solution
-What Your Competitors are Doing – Live Demo
-Example Applications
Ian Jaffe, Ping Identity
How to manage identities, how you can get a
jump start for the identity revolution, and how
to do it all using your existing infrastructure
without having a duplicate identity in the
cloud, using PingOne
Today, financial services firms rely on data as the basis of their industry. In the absence of the means of production for physical goods, data is the raw material used to create value for and capture value from the market. However, as data volume and variety increase, so do the susceptibility to fraud and the temptation to hackers. Learn how an enterprise data hub built on Hadoop enables advanced security and machine learning on much more descriptive and real-time data to detect and prevent fraud, from payment encryption to anti-money-laundering processes.
Is Your Data Secure?
Odds are good that your data is extremely important to you. Now consider how one secures that data. Typical approaches address access, authentication, integrity, non-repudiation and confidentiality concerns at the domain and link layers, implicitly securing the data. The challenge and need is to move these security specifications to the data itself, and provide explicit security policies on each element of system-identified data.
Why is this level of finesse needed? As you build out your systems, and systems of systems, how do you manage security when individually element of data, the communication links, and domain boundaries have different behaviors? With this level of complexity and risk, it's critical to have awareness at the level that matters – the data level – so you can make the right design and implementation decisions.
At this webinar, learn how to achieve an assured and predictable security footprint by minimizing the leak of information or exploitation of data through unintended consequences. Secure DDS offers data-centric configuration policies for content and behaviors. Recognizing that security isn't one-size fits all, a standards-based optional plugin SDK allows developers to create custom security plugins.
Connext Secure DDS is the world's first turnkey DDS security solution that conforms to the OMG specification and provides an essential security infrastructure that is data-focused for DDS and legacy systems.
Watch On-Demand: http://ecast.opensystemsmedia.com/478
Architectural Patterns in IoT Cloud PlatformsRoshan Kulkarni
IoT PaaS platforms help accelerate the delivery of IoT solutions. This deck outlines the various architectural patterns in IoT Cloud Platforms - A useful checklist to ascertain your own IoT Solution Architecture.
Intelligent, Efficient and Competitive Solutions for Your IT Operations High ...Infopulse
Integrated, managed solutions to ensure high availability of your IT Operations – from infrastructure management and 24/7/365 monitoring up to application maintenance. Check out the presentation to learn more.
Document centralization based document security
Smart work environment construction
Drawing/ Document/ Source code/ Copyright security and Personal information protection
From the outset, Oracle has delivered the industry's most advanced technology to safeguard data where it lives—in the database. Oracle provides a comprehensive portfolio of security solutions to ensure data privacy, protect against insider threats, and enable regulatory compliance for both Oracle and non-Oracle Databases. With Oracle's powerful database activity monitoring and blocking, privileged user and multi-factor access control, data classification, transparent data encryption, consolidated auditing and reporting, secure configuration management, and data masking, customers can deploy reliable data security solutions that do not require any changes to existing applications, saving time and money.
How to Migrate from Oracle to EDB PostgresAshnikbiz
Are you planning to move from Oracle to a preferred enterprise open source database technology like Postgres? Watch this webinar to overcome the challenges you will face during the migration process.
Factors You Should Consider if Building an IIoT SolutionLaird Connectivity
Connected solutions can generate useful insights, but in between your things, the internet, and the insights are vast combinations of specialized technologies and complexities that you must navigate in order to deliver an effective, profitable, scalable system.
In this webinar, technical experts from Laird Connectivity will examine the top five factors you need to consider when implementing an enterprise-grade, revenue-generating IoT solution.
Learn about:
-Top IoT Challenges
-Architecting Your IoT Solution
-Choosing a Connectivity Option
-Selecting a Cloud Solution
-What Your Competitors are Doing – Live Demo
-Example Applications
Ian Jaffe, Ping Identity
How to manage identities, how you can get a
jump start for the identity revolution, and how
to do it all using your existing infrastructure
without having a duplicate identity in the
cloud, using PingOne
Today, financial services firms rely on data as the basis of their industry. In the absence of the means of production for physical goods, data is the raw material used to create value for and capture value from the market. However, as data volume and variety increase, so do the susceptibility to fraud and the temptation to hackers. Learn how an enterprise data hub built on Hadoop enables advanced security and machine learning on much more descriptive and real-time data to detect and prevent fraud, from payment encryption to anti-money-laundering processes.
Is Your Data Secure?
Odds are good that your data is extremely important to you. Now consider how one secures that data. Typical approaches address access, authentication, integrity, non-repudiation and confidentiality concerns at the domain and link layers, implicitly securing the data. The challenge and need is to move these security specifications to the data itself, and provide explicit security policies on each element of system-identified data.
Why is this level of finesse needed? As you build out your systems, and systems of systems, how do you manage security when individually element of data, the communication links, and domain boundaries have different behaviors? With this level of complexity and risk, it's critical to have awareness at the level that matters – the data level – so you can make the right design and implementation decisions.
At this webinar, learn how to achieve an assured and predictable security footprint by minimizing the leak of information or exploitation of data through unintended consequences. Secure DDS offers data-centric configuration policies for content and behaviors. Recognizing that security isn't one-size fits all, a standards-based optional plugin SDK allows developers to create custom security plugins.
Connext Secure DDS is the world's first turnkey DDS security solution that conforms to the OMG specification and provides an essential security infrastructure that is data-focused for DDS and legacy systems.
Watch On-Demand: http://ecast.opensystemsmedia.com/478
Architectural Patterns in IoT Cloud PlatformsRoshan Kulkarni
IoT PaaS platforms help accelerate the delivery of IoT solutions. This deck outlines the various architectural patterns in IoT Cloud Platforms - A useful checklist to ascertain your own IoT Solution Architecture.
Intelligent, Efficient and Competitive Solutions for Your IT Operations High ...Infopulse
Integrated, managed solutions to ensure high availability of your IT Operations – from infrastructure management and 24/7/365 monitoring up to application maintenance. Check out the presentation to learn more.
Document centralization based document security
Smart work environment construction
Drawing/ Document/ Source code/ Copyright security and Personal information protection
GDPR Compliance Countdown - Is your Application environment ready?QualiQuali
Is Your Application Environment Ready?
Data Privacy regulation is top of mind this semester with the GDPR enforcement in Europe coming into effect May 25th, 2018.
Most companies doing business with the EU have to perform an assessment of their current applications and data policies to make sure they are going to be compliant. This is a burdensome and tedious task if done manually. How do you use automation and maximize the efficiency of this process? This is what we discuss in this presentation.
Belgium & Luxembourg dedicated online Data Virtualization discovery workshopDenodo
Watch full webinar here: https://bit.ly/33yYuQm
Data virtualization has become an essential part of enterprise data architectures, bridging the gap between IT and business users and delivering significant cost and time savings. This technology revolutionizes the way data is accessed, delivered, consumed and governed regardless of its format and location.
This 1.5 hour discovery session will show help you identify the benefits of this modern and agile data integration and management technology for your organisation.
In today's rapidly evolving tech landscape, data privacy is one of the most critical issues that businesses face. I'd like to share with you my insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, I will demonstrate how we tackled the challenges of data protection, self-healing, business continuity, security, and transparency of data processing. Through our solutions, we were able to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded our client's expectations.
A Key to Real-time Insights in a Post-COVID World (ASEAN)Denodo
Watch full webinar here: https://bit.ly/2EpHGyd
Presented at Data Champions, Online Asia 2020
Businesses and individuals around the world are experiencing the impact of a global pandemic. With many workers and potential shoppers still sequestered, COVID-19 is proving to have a momentous impact on the global economy. Regardless of the current situation and post-pandemic era, real-time data becomes even more critical to healthcare practitioners, business owners, government officials, and the public at large where holistic and timely information are important to make quick decisions. It enables doctors to make quick decisions about where to focus the care, business owners to alter production schedules to meet the demand, government agencies to contain the epidemic, and the public to be informed about prevention.
In this on-demand session, you will learn about the capabilities of data virtualization as a modern data integration technique and how can organisations:
- Rapidly unify information from disparate data sources to make accurate decisions and analyse data in real-time
- Build a single engine for security that provides audit and control by geographies
- Accelerate delivery of insights from your advanced analytics project
How to design the architecture and processes for the application which needs to process protected and personal data? This presentation is based on a real-life project, implemented in Xebia. Presented on AWS Community Day NL in Utrecht, NL. 20.09.2023.
How Greenhouse Software Unlocked the Power of Machine Data Analytics with Sum...Amazon Web Services
Sumo Logic offers a powerful cloud-native analytics solution that supports all types of machine data. Our platform integrates easily with your AWS infrastructure supporting fast, accurate and secure analysis and monitoring of enormous amounts of data—giving you clear and direct visibility into its operations.
In this webinar, you’ll learn how organizations such as Greenhouse Software harness cloud-native machine data analytics to optimize the internal and external process lifecycles, monitor the health of all AWS application and services and deliver a WOW application to their end users.
Best Practices in Implementing Oracle Database Security ProductsEstuate, Inc.
Information is the world’s new currency. Databases are the digital banks that store and retrieve valuable information. The growing number of high-profile incidents in which customer records, confidential information and intellectual property are leaked, lost or stolen has created an explosive demand for solutions that protect against the deliberate or inadvertent release of sensitive information.Oracle is the global leader in relational database technology, and has built a rich set of database security products and database features within its product portfolio.
OOW13:Leveraging the Cloud to Simplify Your Identity Management Implementatio...GregOracle
Applications moved into a managed cloud environment need Identity and Access Management services to ensure user accounts, passwords and roles are all managed properly for the purposes of Security and Audit. In this session, we’ll discuss the key considerations for a Hosted Private Cloud deployment of Oracle applications integrated with Oracle Identity Management Suite to provide self-service account provisioning and federated Single Sign-on (SSO) for an organization’s internal and external users. You will also hear from a customer on how their key business requirements were addressed with Managed Identity Services from Oracle running at Oracle.
Similar to 5. 2010 11-03 bucharest oracle-tech_day_security (20)
1. <Insert Picture Here>
Security for Data at the Source in Public and Private Sector
3rd November 2010, Bucharest
Michael Bürger
Product Director EECIS, Security and Manageability
2. The following is intended to outline our general
product direction. It is intended for information
purposes only, and may not be incorporated into any
contract. It is not a commitment to deliver any
material, code, or functionality, and should not be
relied upon in making purchasing decisions.
The development, release, and timing of any
features or functionality described for Oracle’s
products remains at the sole discretion of Oracle.
3. 3
Agenda
• Business Drivers
• DB Security in the Data Center
• New 11g Features and Certifications
• Customers in Vertical Industries
• Conclusions
5. End to End Oracle Security Solutions
Securing Data at the Source
• Application Security
• Identity and Access Management
• Database Security
• Infrastructure Security
6. Source: Gartner DataQuest, 2008; Forrester Database Security Market Report, 2009
#1 Database, Most Secure
“Most DBMS vendors offer basic
security features; Oracle’s offering is
most comprehensive.”
7. How is Data Compromised?
Source: Verizon 2010 Data Breach Investigations Report
8. Entry Points DB Security 11g
Business Drivers
• GRC Governance, Risk
Management, Compliance
• Security Threats
• Cost reduction
9. Oracle Database Security Business Drivers
Most relevant in EECIS, the minimum bundle on data level
Audit
Vault
Label
Security
Reduce & avoid Security Costs
Configuration
Management
for Policies
DB Vault,
DBA Access Control
Compliance & Regulation
Data Mask
for Developers
Advanced
Security Option
for Encryption
Database
Firewall
Security Threats internal & external
13. Securing data at rest
Application users protected by
Transparent Data Encryption 10g Column
Transparent Data Encryption 11g Tablespace
14. Securing data in motion
Application users protected by
Transparent Data Encryption 10g Column
Transparent Data Encryption 11g Tablespace
Application users protected by
Transparent Data Encryption 10g Network
Transparent Data Encryption 10g Tapes
DB Firewall Network Realtime SQL Analyzer
15. Securing data for testing
Application users protected by
Transparent Data Encryption 10g Column
Transparent Data Encryption 11g Tablespace
Application users protected by
Transparent Data Encryption 10g Network
Transparent Data Encryption 10g Tapes
DB Firewall Network Realtime SQL Analyzer
Developers protected by
Data Mask 10g
16. Application users protected by
Transparent Data Encryption 10g Column
Transparent Data Encryption 11g Tablespace
Application users protected by
Transparent Data Encryption 10g Network
Transparent Data Encryption 10g Tapes
DB Firewall Network Realtime SQL Analyzer
Developers protected by
Data Mask 10g
Preventing unauthorized modification
DBAs protected by
DB Vault 9i
17. Application users protected by
Transparent Data Encryption 10g Column
Transparent Data Encryption 11g Tablespace
Application users protected by
Transparent Data Encryption 10g Network
Transparent Data Encryption 10g Tapes
DB Firewall Network Realtime SQL Analyzer
Developers protected by
Data Mask 10g
DBAs protected by
DB Vault 9i
Highly secured DB environment
„preventive and detective“
Security Officer protected by
Audit Vault 10g
19. 19
Oracle Advanced Security
11g Table Space Encryption, e.g. for ODB based HR systems
Disk
Backups
Exports
Off-Site
Facilities
• Any employee user with operating system access can sniff data and copy it
• 11g Table Space Encryption for sensitive HR data at rest encryption
• Data in motion traveling on network is encrypted from 10g on
• Rapid implementation of 11g Table Space Encryption
• No identification of the fields required, just create an encrypted table space as part of
the upgrade and use that table space for HR system on ODB, rapid index queries
• This is totally transparent without application change
• Minimal preparation within the 11g upgrade and all the data is protected
• Less administration & performance impact compared to 10g column encryption
20. 20
Oracle Database Vault
Privileged User Access Control on Data level
and Multifactor Authorization
Procurement
HR
Finance
Application
select * from finance.customers
DBA
Power users can access sensitive data (HR, Credit Cards) and publish it
SoD, prevents unauthorized new account creation or password change
(1) Application owners to create new accounts
(2) DB Vault protects DBAs, they can manage the data, but can't modify
(3) Security officers to grant access rights according to written policies
Certified Realms to protect all tables in EBS, SAP or ISV HR Systems
Brings Security Policies in production according to CIA application ratings*
CIA principles: Confidentiality, Integrity and Availability, who can delete, copy or change what?
21. Oracle Database Firewall
First Line of Defense
• Monitor db activity to prevent unauthorized db access, SQL injections, privilege or
role escalation, illegal access to sensitive data, etc, according to Security Policies
• SQL grammar analysis for Firewall activities (allow, log, alert, substitute, block)
• Scalable architecture provides enterprise performance in all deployment modes
• Built-in and custom compliance reports for SOX, PCI, and other regulations
• Whitelists or blacklists consider time of day, day of week, network, application, etc
PoliciesBuilt-in
Reports
Alerts Custom
Reports
Applications
Block
Log
Allow
Alert
Substitute
22. Fastest high volume DB Security Machine
Brings Security Policies in Production with Exadata
Zero impact 11g R2 TableSpace Encryption
Secure high volume Network Traffic Encryption
Fastest real time SQL analyzer hacker resistant
Compliant data center consolidation
Sensitive Data Warehouse access control
24. Oracle DB Security cross-industry EECIS
Banking
Telecommunication
Public Sector Retail, Utilities, other
Telecommunications Insurances
CIPSCIPS
25. Case Study – Public Sector Romania
DB Vault, Advanced Security
• From the business point of view, the use of Advanced Security and DB Vault facilitates the reduction of risks like information theft or
leaks, fraudulent alterations of data, and bad publicity
• From the technical point of view, the solution will have to protect all private data used by key applications
• Implementation will be done by Oracle Partner, with 1 year left for finishing the project
• Customer does not take reference calls or visits
BUSINESS CHALLENGE
• Nation-wide project with confidential data
• The business drivers are regulations and preventive concepts
• DB Security part of a larger project
• Customer expects to insure the confidentiality of stored data,
in transfer and storage, while preventing unauthorized access
from privileged accounts.
RESULTS
ORACLE SOLUTION
• Customer in Public Sector bought DB Vault and Advanced
Security in Nov 2009
• Products are used on all servers
• Customer also uses Oracle IdM Access Manager for web
access control
• Oracle gained a strong vendor position at customer with
significant footprint for Enterprise Security
26. Case Study – Telecom in Central Europe
DB Vault, Advanced Security
• Pilot release of implementation in progress
• DB Vault and ASO Encryption to protect and encrypt sensitive customer data Siebel CRM is running on
• The success in implementation is the only criteria which may lead to next phase of the project
• Delivery of project by Oracle partner Accenture
• Customer is not taking reference calls or visits
BUSINESS CHALLENGE
• Drivers:
Big gap between IT and Business
Bring Business processes to IT and develop relevant IT
services
Project start at 2007 Service Order management - Tower
Merger of 2 Telecom companies
Integrated Order Management (IOM) based on SIEBEL
IT recognized that SIEBEL is not enough…(many logic need to
be implemented in level of integration, processes, custom
apps)
Data security is crucial, Security violations as a business
driver to invest in Security solutions.
Customer Data Security & Compliance requirements
(ISO27001 Compliance regulation relevant for Telco)
• Partner: Accenture
RESULTS
ORACLE SOLUTION
• Oracle technology on site: DB, IAS, SOA Suite 10 (first
major adoption of SOA in this country)
• FMW stack + DB EE, Partitioning, RAC, Advanced
Security, Db Vault, Diag, Tun, Config packs in Dec 2009.
• Managed systems: IOM based on SIEBEL
• Oracle is trusted technology vendor (Presales) and advisor
of Eastern European ICCC Competence Center Bratislava
• Sales process:
• Longterm relationships with Enterprise Architect, DB admin,
Development unit managers and senior developers, etc.
• Good cooperation between partner and Oracle ASR
27. Case Study – Bankart Financial Services
DB Vault, Audit Vault
• Reaching PCI compliance is expected from business point of view
• Technically. Bankart decided for Oracle centric PCI approach
• Project has started in June 2009, first phase (change of an application, use od DB Vault and set-up Audit Vault) until 2010
• Internal IT together with local security partner OSI
• Customer has published a snapshot story and is available for reference calls and visits
BUSINESS CHALLENGE
• Bankart is the largest Credit Card processing company in
Slovenia
• PCI Compliance was business demand
• CIO started internal project to reach PCI compliance in one
year
• Avoiding costs and simplifying the audit reporting
RESULTS
ORACLE SOLUTION
• Customer bought Audit and Database Vault in May 2009
• All Production and Test systems are managed by DB Sec
component, together with MS SQL server as one Audit
source
• Platform is HP-UX, Oracle 10gR2, MS SQL 2005
• Other DB Sec products (Advanced Security - TDE, Conf.
Mgm. Packs) are still under evaluation
28. Case Study – Bank in Munich Germany
Advanced Security and DB Vault for SAP HR
• Customer is compliant with internal security policies (regulations)
• Only authorized HR employees have data access to HR data. Privileged users like DBA’s, network administrators, system
administrators aren’t able to access the HR data
• Oracle Partner was involved as consulting firm and system integrator, the solution is implemented and works with SAP
• The customer is not taking reference calls
BUSINESS CHALLENGE
• The customer wanted to protect SAP HR data against
unauthorized access
• The customer wanted to comply with internal security policies
• It was a HR project so HR compartment was the sponsor
• There was a re-organization SAP project and data privacy was
an important part of this project.
• Only authorized HR employees should have access to HR
data. Privileged users like DBA’s, network administrators,
system administrators shouldn’t be able to access the HR data
RESULTS
ORACLE SOLUTION
• The customers purchased the Oracle Advanced Security
and Oracle Database Vault to prevent the unauthorized
access to sensitive HR data in August 2009
• It is one of the first “DB Vault for SAP” implementations
worldwide
• 10 CPU’s SUN Solaris system is now protected with Oracle
Advanced Security and Oracle Database Vault, both
products are certified for SAP/R3
29. Case Study – ApoBank Germany
DB Vault and ASO for ODB based ISV HR
• DB Vault is supporting segregation of duty and enables to protocol all changes in data schema, DBAs can manage but can't see data
• ASO Advanced Security Option is including Encryption, ASO is encrypting data
• on disc
• Incl. Back-up's
• and in motion for data traveling on the network save against insider threats, nobody can modificate or copy sensitive HR data
• Cost savings achieved based on server consolidation for centralized HR data and secure HR process optimization
• The customer is taking reference calls and visits
BUSINESS CHALLENGE
• Business drivers
• to centralize high sensitive HR data on less servers for
cost savings and more efficiency in HR processes
• to protect this type of sensitive HR data containing
salary info but transparent to the HR application
• No segregation of duties before, DB administration and HR did
had the same rights to copy, change or delete data
• Target to strictly split access rights, only HR can see the data
RESULTS
ORACLE SOLUTION
• Customer does have 2.000 employees across Germany
• DB Vault and Advanced Security Option purchased in 2008
• Partner MT AG involved in implementation
• Oracle Encryption is working application transparent,
means without any change of HR system running on Oracle
Database
30. Case Study – CMC Markets Financial Services UK
DB Vault and ASO for E-Business Suite HR
• Segregation of Duties has been achieved according to Security polices and vertical industry regulations
• Protection the privacy of sensitive data
• Customer data
• Employee data such as salary information
• The customer is taking reference calls and visits
BUSINESS CHALLENGE
• The customer is focused on providing access to online trading
markets across the globe
• The key business driver to ensure customers reputation by
keeping customer and salary data confidential versus insider
threats
• To comply with vertical industry specific regulations in financial
services.
• Simplify the audit process by providing a secure audit
infrastructure
RESULTS
ORACLE SOLUTION
• Oracle DB Vault, Advanced Security Option and Audit Vault
purchased in 2008
• This is the first EBS customer in Europe with DB Security
• DB Security in production with
• RAC Real Application Cluster
• EBS E-Business Suite incl. HR data
• Oracle Database 10g
31. Case Study – Bank in Ukraine
DB Vault for Flexcube
• Oracle Database Vault provides a transparent solution for mitigating the risk of insider threats and complying with regulations.
• Oracle Database Vault restricts ad-hoc database changes and enforces controls over how, when and where the most sensitive
application data can be accessed.
• Proposed solution must be fully implemented in three months after the new core banking system is launched.
• To adopt Oracle Database Vault technologies, the customer is working with Oracle’s local partner.
BUSINESS CHALLENGE
• The banking customer is concerning about the risk of
unauthorized access by privileged users to sensitive banking
information.
• The bank intents to bring its system into compliance with
existing and newly emerging regulations as well as industry
best practices.
• The solution must provide flexible, transparent and highly
adaptable security controls that require no application
changes.
RESULTS
ORACLE SOLUTION
• Customer bought Oracle Database Vault in January 2010
as a first step in his Security initiative
• DB Vault provides powerful security controls for protecting
banking applications and sensitive data.
• Oracle Database Vault protects the core banking system
Oracle Flexcube on the server with 12 CPU's.
• The next step under consideration are Advanced Security
and Audit Vault to bring the system to the highest security
level.
33. Conclusions to Protect Data at the Source?
• Logical bundle „preventive“
• Advanced Security
• DB Vault
• Data Masking Pack
• Extend to „detective“ solutions
• Audit Vault
• DB Firewall
34. Vertical Industry Security E2E
StrategicVerticalValue
Public Sector: DB Security part of Public Sector Tenders to fit EU Data
Privacy Regulations and avoid Security Threats. DB Vault, Audit Vault,
Data Mask and Advanced Security for DB SaaS/Cloud and for encrypting
backups and masking non-production testing data.
Financial Services and Retail: Vertical industry regulations such as PCI
require DB Security in context of Credit Card payments. DB Vault, Audit
Vault, Advanced Security, Data Masking & DB Firewall for defense-in-depth
security for Oracle DB.
Utilities and other industries: Oracle end-to-end Security, DB Security,
plus Identity and Access Management plus Applications Security.
Communications: DB Security fits Siebel CRM projects. DB Vault,
Advanced Security and Data Mask to ensure that sensitive customer data
can be only accessed by authorized staff.