C7 defending the cloud with monitoring and auditing

585 views

Published on

Published in: Technology
1 Comment
0 Likes
Statistics
Notes
  • I created this deck. :-)
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Views
Total views
585
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
12
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide

C7 defending the cloud with monitoring and auditing

  1. 1. Defending the Cloud with Monitoring and Auditing Eva Chang Senior Sales Consultant
  2. 2. Agenda  Data growth and cloud adoption  Data governance and risk management  Detect fraudulent data migration  Monitor data moving to and within the cloud  Report to address regulatory compliance 2 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  3. 3. 3 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  4. 4. DVDs Stacked to the moon 4 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  5. 5. 80% protected by Enterprises 5 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. And back
  6. 6. Data in the Cloud The Digital Universe in the Cloud Will Increase 20% by 2020 Not touched by cloud Stored or touched 17% 2012 37% 2020 6 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Source: IDC Digital Universe Study
  7. 7. Security: Top of Mind for Customers Only thing trending higher than the cloud? Security concerns about the cloud… 82% 54% #1 Risk 7 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Concerned about cloud security & privacy Worried about a cloud provider data breach Undetected data breach
  8. 8. Cloud Security Spend Increasing 20% of IT budget by 2016 Source: Gartner 8 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  9. 9. Database Security Strategy Defense-in-Depth for Maximum Security PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management 9 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  10. 10. 10 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  11. 11. Oracle Database Security Solutions Defense-in-Depth for Maximum Security PREVENTIVE DETECTIVE ADMINISTRATIVE Encryption Activity Monitoring Privilege Analysis Redaction and Masking Database Firewall Sensitive Data Discovery Privileged User Controls Auditing and Reporting Configuration Management 11 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  12. 12. Data Governance Reporting for Compliance Data Migration Cloud Data Movement 12 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  13. 13. Data Governance and Risk Management Policies and Procedures for Managing Information Usage Opportunity LOB IT Risk 13 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  14. 14. 14 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  15. 15. DoR employee Phishing email malware 8/29 used passwords to access 6 servers 9/1-2 Installed malicious backdoor and accessed 22 servers Malware stole Username password 9/12 Copied database backup files to a staging directory 10/19-20 DoR remediates after being notified of breach by 3rd party Aug/Sep 2012 8/27 Attacker logs into remote access service w/ credentials Executed utilities designed to obtain user account passwords (six servers) 15 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. 9/13 Exfiltrated tax records since ‘98: 3.8m individuals $12 million in associated costs Jeopardized governor’s re-election 1-year credit-monitoring & ID theft protection 800,000
  16. 16. Detect Fraudulent Data Migration Database Auditing  Monitor for large internal data migrations in existing environments  Audit all databases for privilege user data access  Automate continual auditing of sensitive data 16 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  17. 17. T-Mobile Monitors Data Exfiltration in Oracle and non-Oracle Databases Solution Provider of wireless voice, messaging, and data services throughout the U.S. Fourth largest wireless company in the U.S. with more than 35 million subscribers Industry: Telecom 17 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.  Addresses data security with Database Firewall, TDE, Data Masking as comprehensive database security defense-in-depth strategy  Database activity monitoring prevents insider and external threats  Deployed and setup within a few hours; already protected against a few compromised accounts that were harvesting data
  18. 18. Monitor Data Moving To and Within the Cloud Database Activity Monitoring and SQL Injection Prevention  Monitor database and system activity – Increase traffic visibility  Prevent database threats – SQL injection attacks and privilege escalation  Detect application by-pass and data harvesting 18 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  19. 19. SquareTwo Financial Prevents Database Threats Including SQL Injection Attacks Solution Leader in $100 billion asset recovery and management industry Partner Network used by Fortune 500 companies in banking, credit card, and health care Industry: Financial Services 19 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.  Addresses compliance with Database Firewall, TDE, Data Masking as comprehensive database security defense-in-depth strategy  Database activity monitoring to protect against insider and external threats, including SQL injection attacks  Securing Exadata and SQL Server databases
  20. 20. Address Regulatory Compliance Reporting and Alerting  Comply with regulations – GLBA, HIPAA, SOX, PCI and more  Alert in real-time to prevent further compromise  Collect, consolidate audit trails and system logs 20 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  21. 21. TransUnion Interactive Addresses PCI DSS Compliance Solution Consumer subsidiary of TransUnion, a global leader in credit information Maintains credit histories on over 500 million consumers globally Industry: Financial Services 21 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.  Deployed Database Firewall in one month to monitor database traffic  Achieved 10k transactions/sec while maintaining performance  Using reports to monitor traffic and manage workloads and capacity  Additional: Oracle Advanced Security to encrypt tablespaces
  22. 22. Oracle Audit Vault and Database Firewall Database Firewall APP S Firewall Events Alerts ! Built-in Reports AUDIT DATA Custom Reports Policies AUDIT VAULT 22 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Custom
  23. 23. For More Information Oracle Audit Vault and Database Firewall 23 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  24. 24. Complimentary eBook Register Now www.mhprofessional.com/dbsec Use Code: db12c 24 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  25. 25. Q&A 25 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.
  26. 26. 26 Copyright © 2013, Oracle and/or its affiliates. All rights reserved.

×