Security Database Overview 11gr2 100419083446 Phpapp02 PDF
Security Database Overview 11gr2 100419083446 Phpapp02 PDF
Security Database Overview 11gr2 100419083446 Phpapp02 PDF
Growth
Doubles
Yearly
1,800 Exabytes
2006 2011
Industrial Espionage
Security
Threats
Identity Theft Insider Threats
Data Consolidation
Globalization
Right Sourcing
3
More Breaches Than Ever
Data Breach Once exposed, the data is out there – the bell can’t be un-rung
PUBLICLY REPORTED DATA BREACHES
400
300
630%
Increase
200
100
Total Personally
Identifying Information
Records Exposed 0
(Millions) 2005 2006 2007 2008
5
Market Overview: IT Security In 2009
There has been a clear and significant shift from what was
the widely recognized state of security just a few years ago.
Protecting the organization's information assets is the top
issue facing security programs: data security (90%) is most
often cited as an important or very important issue for IT
security organizations, followed by application security (86%).
Market Overview: IT Security In 2009
- Jonathan Penn, April 22, 2009
6
Data Security Challenges
• What to secure?
• Sensitive Data: Confidential, PII, regulatory
• Data in packaged and custom applications
• Secure Life cycle: creation, transit, storage, backup, test, transfer
• Can we secure it now?
• Secure using existing systems?
• Transparent?
• Loss, Unauthorized access, Separation of Duty
• Will it meet business requirements?
• Flexible, Transparent, Compliant?
• Secures both custom and packaged applications?
• Will it reduce operational cost?
• Easy to manage?
• Performant?
7
Oracle Database Security
Defense-in-Depth for Security and Compliance
Monitoring Audit
Vault Total
Configuration
Management Recall
Access Control
Database Label
Vault Security
Advanced Data
Secure
Security Masking
Backup
8
Oracle Database Security
Defense-in-Depth for Security and Compliance
Advanced Data
Secure
Security Masking
Backup
9
Oracle Advanced Security
Transparent Data Encryption
Disk
Backups
Exports
Application
Off-Site
Facilities
10
Oracle Advanced Security
Network Encryption & Strong Authentication
11
Oracle Secure Backup
Integrated Tape or Cloud Backup Management
12
Oracle Data Masking
Irreversible De-Identification
Production Non-Production
LAST_NAME SSN SALARY LAST_NAME SSN SALARY
13
Large Credit Card Services Provider
Cost Effective Encryption of Card Holder Data
14
U.S. Pharmaceutical Tools Manufacturer
Oracle Advanced Security Protects Sensitive Data
15
EMEA-based Real Estate Company
Data Masking Pack accelerated availability of production data for
testing while improving DBA productivity
• Custom scripts to mask sensitive data were not
able to scale to meet growing data volumes
Business Challenges • DBA team under increasing pressure to make
production data available to for application testing
within short time frames
• Data Masking Pack delivered an out-of-the-box
solution to replace custom database scripts
Solution • High performance masking capabilities accelerated
masking process from 6 hours using database
scripts to 6 minutes using Data Masking Pack
16
Oracle Database Security
Defense-in-Depth for Security and Compliance
Access Control
Database Label
Vault Security
Advanced Data
Secure
Security Masking
Backup
17
Oracle Database Vault
Separation of Duties & Privileged User Controls
Procurement
DBA
HR
Application
Finance
select * from finance.customers
18
Oracle Database Vault
Multi-Factor Access Control Policy Enforcement
Procurement
HR
Application Rebates
19
Oracle Label Security
Data Classification for Access Control
Sensitive
Transactions
Confidential
Report Data
Public
Reports
Confidential Sensitive
20
Large US Based Global Bank
Enable Secure Cost Effective Deployments
21
Pharmaceutical Services Provider
Protect Sensitive Customer Information and Address Regulations
22
Large European Telecom Provider
Enable Organization to Meet Regulations
• Protect the privacy of sensitive client data in their telecom billing system
Business • Meet internal, European Data Security Directive, and country-specific
Challenges privacy requirements
• Prevent tampering or deletion of database objects or database users
23
Oracle Database Security
Defense-in-Depth for Security and Compliance
Monitoring Audit
Vault Total
Configuration
Management Recall
Access Control
Database Label
Vault Security
Advanced Data
Secure
Security Masking
Backup
24
Oracle Audit Vault
Automated Activity Monitoring & Audit Reporting
HR Data ! Alerts
Built-in
CRM Data Reports
Audit
Data Custom
ERP Data Reports
Databases Policies
Auditor
25
Oracle Total Recall
Secure Change Tracking
26
Oracle Configuration Management
Vulnerability Assessment & Secure Configuration
Asset Configuration
Policy Vulnerability Analysis &
Management Management
Management Management Analytics
& Audit
• Database discovery
• Continuous scanning against best practices
• Detect and prevent unauthorized configuration changes
• Change management compliance reports
27
European Healthcare Insurance Provider
Simplified Reporting and Stronger Security
28
Large Financial Services Provider
Stronger Controls
29
Large European Telco Provider
Address Telco Regulations on Call Records
30
Oracle Database Security
Defense-in-Depth for Security and Compliance
Monitoring Audit
Vault Total
Configuration
Management Recall
Access Control
Database Label
Vault Security
Advanced Data
Secure
Security Masking
Backup
31
For More Information
search.oracle.com
database security
oracle.com/database/security
32
33
34