Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Copyright 2012, Oracle and/or its affiliates. All rights reserved."

Transcription

1 1

2 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle s products remains at the sole discretion of Oracle. 2

3 Secure Development and Test Environments with Oracle Data Masking Jaime Briggs Account Manager Strategic Accounts MSc CS, CCISP, CCSK 3

4 Program Agenda IOUG Data Security Survey: Top Risk Database Defense-in-Depth Data Discovery and Modeling Oracle Data Masking Features Data Subsetting Q&A 4

5 IOUG Enterprise Data Security Survey, respondents Multiple industries Orgs of all sizes 39% DBA title 38% responsible for more than 100 databases 57% Say A Data Breach is Likely or Are Unsure What is the likelihood of a data breach over the next 12 months? 5

6 Identified Top Risk Over Half Use Production Data in Non-Production Environments What kind of data is used within non-production environments? (e.g. staging, dev environments) 6

7 Database Security Defense-in-Depth Mitigate Database Bypass Prevent Application Bypass Consolidate Auditing and Compliance Reporting Monitor Database Traffic and Block Threats Protect All Database Environments Prevent access to data at OS, storage, network, media layers Transparent data encryption for data at rest, in transit, on media Separation of duties for key management Privileged user access control to limit access to application data Multi-factor authorization for enforcing enterprise security policies Secure application consolidation Native Oracle and non-oracle database auditing, centralized audit policies Consolidate, secure, analyze audit trail, alert on suspicious activities Report for compliance & security, automate database audit workflow Monitor Oracle & non-oracle database traffic over the network Block threats like SQL injection attacks before reaching databases Enforce normal database activity, lightweight monitoring Sensitive data discovery for production Secure database lifecycle management, configuration scanning, patch automation Mask data for nonproduction development & test 7

8 Database Security Defense-in-Depth Mitigate Database Bypass Prevent Application Bypass Consolidate Auditing and Compliance Reporting Monitor Database Traffic and Block Threats Protect All Database Environments Sensitive data discovery for production environments Secure database lifecycle management, configuration scanning, patch automation Mask data for nonproduction development & test 8

9 Data Discovery and Modeling Application Data Models Scans application schemas to model relationships between tables and columns Extracts data relationships from Oracle application meta-data Oracle E-Business Suite Oracle Fusion Applications Referential relationships stored in repository Enables test data operations such as data subsetting and masking 9

10 Data Discovery and Modeling Sensitive Data Identification Sensitive data discovery Pattern-based database scanning Import from pre-built mask templates Oracle Data Masking templates for Oracle applications Oracle Fusion Applications 10

11 Sensitive Column Discovery Discover Sensitive Column w/ Patterns Create Sensitive Column Types using Regular Expression to define the pattern for column name, comment, or data Run discovery job to scan database and discover sensitive columns Import From Masking Templates Import masking templates for Oracle Applications such as Fusion Applications Sensitive columns will be automatically tagged Set Columns as Sensitive Manually Add columns directly in the sensitive column list 11

12 Oracle Data Masking Irreversibly De-Identify Data for Non-Production Use Production Non-Production LAST_NAME SSN SALARY AGUILAR ,000 BENSON ,000 LAST_NAME SSN SALARY ANSKEKSL ,000 BKJHHEIEDK ,000 Data Never Leaves Database 12

13 Oracle Data Masking Comprehensive, Extensible Mask formats for common sensitive data Accelerates masking solution deployment Extensible mask routines Business rule customization Define once, apply everywhere Consistent policy enforcement 13

14 Sophisticated Masking Techniques Sophisticated Masking Techniques Compound Mask Sets of related columns masked together e.g. Address, City, State, Zip, Phone Condition-based Masking Specify separate mask format for each condition, e.g. driver s license format for each state SQL-expression based masking Use SQL functions, e.g. UPPER, SUBSTR, TO_CHAR, to generate mask values, e.g. SUBSTR(%ORIG_VALUE%,1,3) Compound Masking Condition-based Masking 14

15 Key-Based Reversible Masking New in Oracle Enterprise Manager 12c Mask Preserved data format Any pattern and length Numeric, alphanumeric or mixed Deterministic Unique Key-based Unmask Reverse masked data back to original value with same key 15

16 Masking Real Application Testing Workloads Real Application Testing Integration with Data Masking Copying production data to test systems puts sensitive information at risk Perform secure, production-scale testing Sensitive data found in workload capture files and STS are masked along with application data STS bind data (used with SPA) Workload Capture files (used with DB Replay) AWR sensitive bind data is purged Consistent masking across all data sources, workloads 16

17 Masking Workflow Security Admin Identify Sensitive Information Identify Data Formats Format Library Masking Definition DBA Clone Prod to Staging Review Mask Definition Execute Mask Clone Staging to Test Prod Staging Test 17

18 Performance Optimizations SQL Parallelism for tables > 1 million rows Statistics collection before & after masking CTAS statement with NOLOGGING Test Results Linux x86 4 CPU: Single core Pentium 4 (Northwood) [D1]) Memory: 5.7G Column scalability 215 columns masked:100 tables 60GB Database, 20 minutes Rows scalability 100M row table, 6 columns masked Random Number 1.3 hours 18

19 Heterogeneous Data Masking Oracle Databases Non-Oracle Databases Enterprise Manager Cloud Control with Data Masking Manage Manage Manage Production (Oracle) Staging (Oracle) Test (Oracle) Production (non-oracle) Staging (Oracle) Test (non-oracle) Database Gateway Database Gateway Monitor* Manage* Monitor* Enterprise Manager Cloud Control with Data Masking 19 * Available for IBM DB2, Microsoft SQLServer, Sybase

20 Oracle Data Masking Demo: De-Identifying Information for Sharing 20

21 Demo 21

22 Oracle Database Security Transparent Data Encryption, Privileged User Controls, Multi-Factor Authorization, Data Classification, and Change Tracking Maximum Security for Oracle Databases: Oracle Advanced Security Oracle Database Vault Oracle Label Security Oracle Total Recall Database Activity Auditing and Reporting, SQL Traffic Monitoring and Blocking, Real-Time Alerting, Workflow Automation Security for Oracle and non-oracle Databases Outside the Database: Oracle Audit Vault Oracle Database Firewall Secure Configuration Scanning, Automated Patching, Configuration Change Control, Sensitive Data Discovery, Data Masking Security for Production and non- Production Database Environments: Oracle Database Lifecycle Oracle Enterprise Manager Oracle Data Masking 22

23 Q&A 23

24 For More Information search.oracle.com database security or oracle.com/goto/database/data-masking 24

25 25

26 26

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Copyright 2012, Oracle and/or its affiliates. All rights reserved. 1 Seguridad en profundidad Jaime Briggs MSc CS, CISSP, CCSK Sales Manager Strategic accounts Agenda Los Controles ISO 27001 Defensa en Profundidad Productos que dan respuesta Roadmap a seguridad Q&A 3

More information

Oracle Database Security

Oracle Database Security Oracle Database Security Paul Needham, Senior Director, Product Management, Database Security Target of Data Breaches 2010 Data Breach Investigations Report Type Category % Breaches

More information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information The following is intended to outline our general product direction. It is intended for information purposes only,

More information

Oracle Database Security. Paul Needham Senior Director, Product Management Database Security

Oracle Database Security. Paul Needham Senior Director, Product Management Database Security Oracle Database Security Paul Needham Senior Director, Product Management Database Security Safe Harbor Statement The following is intended to outline our general product direction. It is intended for

More information

Complete Database Security. Thomas Kyte http://asktom.oracle.com/

Complete Database Security. Thomas Kyte http://asktom.oracle.com/ Complete Database Security Thomas Kyte http://asktom.oracle.com/ Agenda Enterprise Data Security Challenges Database Security Strategy Oracle Database Security Solutions Defense-in-Depth Q&A 2 Copyright

More information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information Proteggere i dati direttamente nel database Una proposta tecnologica Angelo Maria Bosis Sales Consulting Senior Manager

More information

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Copyright 2013, Oracle and/or its affiliates. All rights reserved. 1 Security Inside-Out with Oracle Database 12c Denise Mallin, CISSP Oracle Enterprise Architect - Security The following is intended to outline our general product direction. It is intended for information

More information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved.

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Protect and Serve: How to protect confidential data in and out of your EBS and Fusion Apps databases Jagan R. Athreya Director, Product

More information

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Copyright 2013, Oracle and/or its affiliates. All rights reserved. 1 Solutions for securing and auditing Oracle database Edgars Ruņģis Technology Consultant Why Are Databases Vulnerable? 80% of IT Security Programs Don t Address Database Security Forrester Research Enterprises

More information

Oracle Identity Management Securing The New Digital Experience

Oracle Identity Management Securing The New Digital Experience Oracle Identity Management Securing The New Digital Experience Security: User Single Sign-On, Certifying User Access, and Masking Sensitive Data Henry Anzarouth Principal Sales Consultant, Security and

More information

Protecting Sensitive Data Reducing Risk with Oracle Database Security

Protecting Sensitive Data Reducing Risk with Oracle Database Security Protecting Sensitive Data Reducing Risk with Oracle Database Security Antonio.Mata.Gomez@oracle.com Information Security Architect Agenda 1 2 Anatomy of an Attack Three Steps to Securing an Oracle Database

More information

Oracle Database Security Overview

<Insert Picture Here> Oracle Database Security Overview Oracle Database Security Overview Tammy Bednar Sr. Principal Product Manager tammy.bednar@oracle.com Data Security Challenges What to secure? Sensitive Data: Confidential, PII, regulatory

More information

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Copyright 2012, Oracle and/or its affiliates. All rights reserved. 1 Cumplimiento de PMG SSI para sector Gobierno en Chile Jaime Briggs MSc CS, CISSP, CCSK Sales Manager Strategic accounts jaime.briggs@oracle.com Agenda Pilares Fundamentales de SSI Desafios de Seguridad

More information

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Copyright 2013, Oracle and/or its affiliates. All rights reserved. 1 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any

More information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information The following is intended to outline our general product direction. It is intended for information purposes only,

More information

Application Change Management and Data Masking

<Insert Picture Here> Application Change Management and Data Masking Application Change Management and Data Masking Jagan R. Athreya (jagan.athreya@oracle.com) Director of Database Manageability Oracle Corporation 1 The following is intended to outline

More information

Database Security & Compliance with Audit Vault and Database Firewall. Pierre Leon Database Security

Database Security & Compliance with Audit Vault and Database Firewall. Pierre Leon Database Security Database Security & Compliance with Audit Vault and Database Firewall Pierre Leon Database Security 1 Topics Encryption Authentication Authorising highly privileged users Access control by data classification

More information

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Copyright 2013, Oracle and/or its affiliates. All rights reserved. 1 Security Inside Out Latest Innovations in Oracle Database 12c Jukka Männistö Database Architect Oracle Nordic Coretech Presales The 1995-2014 Security Landscape Regulatory Landscape HIPAA, SOX (2002),

More information

Security It s an ecosystem thing

Security It s an ecosystem thing Security It s an ecosystem thing Joseph Alhadeff Vice President Global Public Policy, Chief Privacy Strategist The Security challenge in the before time. Today s Threat Environment

More information

Oracle Enterprise Manager 12c New Capabilities for the DBA. Charlie Garry, Director, Product Management Oracle Server Technologies

Oracle Enterprise Manager 12c New Capabilities for the DBA. Charlie Garry, Director, Product Management Oracle Server Technologies Oracle Enterprise Manager 12c New Capabilities for the DBA Charlie Garry, Director, Product Management Oracle Server Technologies of DBAs admit doing nothing to address performance issues CHANGE AVOID

More information

Oracle Data Masking. Bruce Elton. Master Principal Sales Consultant Information Security. 1 2012 Oracle Corporation

Oracle Data Masking. Bruce Elton. Master Principal Sales Consultant Information Security. 1 2012 Oracle Corporation Oracle Data Masking Bruce Elton Master Principal Sales Consultant Information Security 1 2012 Oracle Corporation Oracle Data Masking Comprehensive and Extensible Mask Library Mask formats for common sensitive

More information

Securing Data in Oracle Database 12c

Securing Data in Oracle Database 12c Securing Data in Oracle Database 12c Thomas Kyte http://asktom.oracle.com/ Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes

More information

Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks

Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks EXTENDING ACCESS WHILE ENHANCING CONTROL FOR YOUR ORGANIZATION S DATA LEVERAGE THE POWER OF F5 AND ORACLE TO DELIVER SECURE ACCESS TO APPLICATIONS AND DATABASES Hayri Tarhan, Sr. Manager, Public Sector

More information

Copyright 2014 Oracle and/or its affiliates. All rights reserved.

Copyright 2014 Oracle and/or its affiliates. All rights reserved. Oracle Data Masking and Subsetting What s new & Best Practices Dinesh Rajasekharan Product Manager Oracle Data Masking and Subsetting Oct 02, 2014 Copyright 2014, Oracle and/or its affiliates. All rights

More information

An Oracle White Paper June 2009. Oracle Database 11g: Cost-Effective Solutions for Security and Compliance

An Oracle White Paper June 2009. Oracle Database 11g: Cost-Effective Solutions for Security and Compliance An Oracle White Paper June 2009 Oracle Database 11g: Cost-Effective Solutions for Security and Compliance Protecting Sensitive Information Information ranging from trade secrets to financial data to privacy

More information

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Copyright 2012, Oracle and/or its affiliates. All rights reserved. 1 Oracle Database Security Advanced Security Option Thanos Terentes Printzios DB & Options Specialist A&C Technology Adoption Office Oracle Partner Business Development, ECEMEA 2 What is a customers INFORMATION

More information

Oracle Database Vault

<Insert Picture Here> Oracle Database Vault Oracle Database Vault Kamal Tbeileh Senior Principal Product Manager, Database Security The following is intended to outline our general product direction. It is intended for information

More information

Oracle Audit Vault and Database Firewall. Morana Kobal Butković Principal Sales Consultant Oracle Hrvatska

Oracle Audit Vault and Database Firewall. Morana Kobal Butković Principal Sales Consultant Oracle Hrvatska Oracle Audit Vault and Database Firewall Morana Kobal Butković Principal Sales Consultant Oracle Hrvatska The following is intended to outline our general product direction. It is intended for information

More information

Data Security: Strategy and Tactics for Success

Data Security: Strategy and Tactics for Success Data Security: Strategy and Tactics for Success DatabaseVisions,Inc. Fairfax, Va Oracle Gold Partner Solution Provider Oracle Security Specialized www.databasevisions.com Overview Cloud Computing presents

More information

Oracle Audit Vault and Database Firewall

Oracle Audit Vault and Database Firewall Oracle Audit Vault and Database Firewall Angelo Maria Bosis Sales Consulting Director Oracle Italia Billions of Database Records Breached Globally 97% of Breaches Were Avoidable with

More information

Intelligent Security Design, Development and Acquisition

Intelligent Security Design, Development and Acquisition PAGE 1 Intelligent Security Design, Development and Acquisition Presented by Kashif Dhatwani Security Practice Director BIAS Corporation Agenda PAGE 2 Introduction Security Challenges Securing the New

More information

Managing Oracle E-Business Suite Security

Managing Oracle E-Business Suite Security Managing Oracle E-Business Suite Security Erik Graversen, Senior Principal Software Developer Elke Phelps, Senior Principal Product Manager Oracle E-Business Suite Applications Technology Oracle Open World,

More information

Why Standardize on Oracle Database 11g Next Generation Database Management. Thomas Kyte http://asktom.oracle.com

Why Standardize on Oracle Database 11g Next Generation Database Management. Thomas Kyte http://asktom.oracle.com Why Standardize on Oracle Database 11g Next Generation Database Management Thomas Kyte http://asktom.oracle.com Top Challenges Performance Management Change Management Ongoing Administration Storage Backup

More information

An Oracle White Paper July 2010. Data Masking Best Practices

An Oracle White Paper July 2010. Data Masking Best Practices An Oracle White Paper July 2010 Data Masking Best Practices Executive Overview... 1 Introduction... 1 The Challenges of Masking Data... 2 Implementing Data Masking... 2 Comprehensive Enterprise-wide Discovery

More information

An Oracle White Paper June 2013. Security and Compliance with Oracle Database 12c

An Oracle White Paper June 2013. Security and Compliance with Oracle Database 12c An Oracle White Paper June 2013 Security and Compliance with Oracle Database 12c Introduction... 3 Oracle Database 12c Security... 4 Locating and Cataloging Your Sensitive Data... 4 Monitoring the Configuration

More information

IBM InfoSphere Optim Data Masking solution

IBM InfoSphere Optim Data Masking solution IBM InfoSphere Optim Data Masking solution Mask data on demand to protect privacy across the enterprise Highlights: Safeguard personally identifiable information, trade secrets, financials and other sensitive

More information

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Copyright 2012, Oracle and/or its affiliates. All rights reserved. 1 Introducing Oracle Audit Vault and Database Firewall Billions of Database Records Breached Globally 97% of Breaches Were Avoidable with Basic Controls 98% records stolen from databases 84% records breached

More information

Forthcoming EU Data Protection Law

Forthcoming EU Data Protection Law Forthcoming EU Data Protection Law How Oracle can Help Patrick McLaughlin Security Architect & Oracle Fellow EMEA Technology Solutions 22 October 2015, Riga Copyright 2014 Oracle and/or its affiliates.

More information

Oracle 1Z0-528 Exam Questions & Answers

Oracle 1Z0-528 Exam Questions & Answers Oracle 1Z0-528 Exam Questions & Answers Number: 1Z0-528 Passing Score: 660 Time Limit: 120 min File Version: 21.1 http://www.gratisexam.com/ Oracle 1Z0-528 Exam Questions & Answers Exam Name: Oracle Database

More information

Agenda. Sedat Zencirci Technology Sales Consultancy Manager. Oracle Technology Stack. Business Requirements and Oracle offerings

Agenda. Sedat Zencirci Technology Sales Consultancy Manager. Oracle Technology Stack. Business Requirements and Oracle offerings Sedat Zencirci Technology Sales Consultancy Manager Agenda Oracle Technology Stack Oracle Database Oracle Fusion MiddleWare Oracle Applications Business Requirements and Oracle offerings High Availability

More information

Safe Harbor Statement

Safe Harbor Statement Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment

More information

Why Add Data Masking to Your IBM DB2 Application Environment

Why Add Data Masking to Your IBM DB2 Application Environment Why Add Data Masking to Your IBM DB2 Application Environment dataguise inc. 2010. All rights reserved. Dataguise, Inc. 2201 Walnut Ave., #260 Fremont, CA 94538 (510) 824-1036 www.dataguise.com dataguise

More information

Oracle Database Security Solutions

Oracle Database Security Solutions Oracle Database Security Solutions Eric Cheung Senior Manager, Technology Sales Consulting Eric.cheung@oracle.com May 2008 Key Drivers for Data Security Privacy and Compliance Sarbanes-Oxley

More information

How to protect sensitive data, challenges & risks

<Insert Picture Here> How to protect sensitive data, challenges & risks How to protect sensitive data, challenges & risks Lars Klumpes CISSP Security Strategy Consultant EMEA Disclaimer The following is intended to outline our general product direction.

More information

Real-Time Database Protection and. Overview. 2010 IBM Corporation

Real-Time Database Protection and. Overview. 2010 IBM Corporation Real-Time Database Protection and Monitoring: IBM InfoSphere Guardium Overview Agenda Business drivers for database security InfoSphere Guardium architecture Common applications The InfoSphere portfolio

More information

Real Application Testing. Dave Foster Master Principal Sales Consultant

Real Application Testing. Dave Foster Master Principal Sales Consultant Real Application Testing Dave Foster Master Principal Sales Consultant The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated

More information

Guardium Change Auditing System (CAS)

Guardium Change Auditing System (CAS) Guardium Change Auditing System (CAS) Highlights. Tracks all changes that can affect the security of database environments outside the scope of the database engine Complements Guardium's Database Activity

More information

Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan

Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan WHITE PAPER Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan Introduction to Data Privacy Today, organizations face a heightened threat landscape with data

More information

PCI DSS-Payment Card Industry. Security Summit 2010. Master Principal Sales Consultant - Alfredo Valenza - Oracle Italia

<Insert Picture Here> PCI DSS-Payment Card Industry. Security Summit 2010. Master Principal Sales Consultant - Alfredo Valenza - Oracle Italia PCI DSS-Payment Card Industry Data Security Standard Security Summit 2010 Master Principal Sales Consultant - Alfredo Valenza - Oracle Italia This document is for informational purposes.

More information

Oracle Database Directions Fred Louis Principal Sales Consultant Ohio Valley Region

<Insert Picture Here> Oracle Database Directions Fred Louis Principal Sales Consultant Ohio Valley Region Oracle Database Directions Fred Louis Principal Sales Consultant Ohio Valley Region 1977 Oracle Database 30 Years of Sustained Innovation Database Vault Transparent Data Encryption

More information

Balancing Security Investment Against Today's Threat Environment

Balancing Security Investment Against Today's Threat Environment Balancing Security Investment Against Today's Threat Environment Niel Pandya Data Security, Senior Manager, Oracle ASEAN The following is intended to outline our general product direction.

More information

IBM InfoSphere Optim Test Data Management solution for Oracle E-Business Suite

IBM InfoSphere Optim Test Data Management solution for Oracle E-Business Suite IBM InfoSphere Optim Test Data Management solution for Oracle E-Business Suite Streamline test-data management and deliver reliable application upgrades and enhancements Highlights Apply test-data management

More information

Cost Effective Data Management for Oracle Utilities Applications

Cost Effective Data Management for Oracle Utilities Applications Cost Effective Data Management for Oracle Utilities Applications Anthony Shorten Principal Product Manager Oracle Utilities Global Business Unit Sept, 2014 Safe Harbor Statement The following is intended

More information

Security Compliance and Data Governance: Dual problems, single solution CON8015

Security Compliance and Data Governance: Dual problems, single solution CON8015 Security Compliance and Data Governance: Dual problems, single solution CON8015 David Wolf Director of Product Management Oracle Development, Enterprise Manager Steve Ries Senior Systems Architect Technology

More information

Making Database Security an IT Security Priority

Making Database Security an IT Security Priority Sponsored by Oracle Making Database Security an IT Security Priority A SANS Whitepaper November 2009 Written by Tanya Baccam Security Strategy Overview Why a Database Security Strategy? Making Databases

More information

Database Auditing & Security. Brian Flasck - IBM Louise Joosse - BPSolutions

Database Auditing & Security. Brian Flasck - IBM Louise Joosse - BPSolutions Database Auditing & Security Brian Flasck - IBM Louise Joosse - BPSolutions Agenda Introduction Drivers for Better DB Security InfoSphere Guardium Solution Summary Netherlands Case Study The need for additional

More information

Management Packs for Database

Management Packs for Database Management Packs for Database Diagnostics Pack for Database Oracle Diagnostics Pack for Database offers a complete, cost-effective, and easy to use solution for managing the performance of Oracle Database

More information

McAfee Database Security. Dan Sarel, VP Database Security Products

McAfee Database Security. Dan Sarel, VP Database Security Products McAfee Database Security Dan Sarel, VP Database Security Products Agenda Databases why are they so frail and why most customers Do very little about it? Databases more about the security problem Introducing

More information

Application Testing Suite Overview

Application Testing Suite Overview Application Testing Suite Overview Steve Van Hall Principal Sales Consultant, Oracle Corporation Oracle Enterprise Manager Top-Down Application Management Application Operations Management

More information

Preservation, Archiving & Cloud Computing

<Insert Picture Here> Preservation, Archiving & Cloud Computing Preservation, Archiving & Cloud Computing Marc Hamilton Global Technology Business Unit The following is intended to outline our general product direction. It is intended for information

More information

MySQL Security: Best Practices

MySQL Security: Best Practices MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes

More information

An Oracle White Paper April 2014. Security and Compliance with Oracle Database 12c

An Oracle White Paper April 2014. Security and Compliance with Oracle Database 12c An Oracle White Paper April 2014 Security and Compliance with Oracle Database 12c Introduction... 2 Oracle Database 12c Security... 3 Protecting Against Database Bypass Threats... 3 Limiting Sensitive

More information

Safeguard Sensitive Data in EBS: A Look at Oracle Database Vault, Transparent Data Encryption, and Data Masking. Lucy Feng

Safeguard Sensitive Data in EBS: A Look at Oracle Database Vault, Transparent Data Encryption, and Data Masking. Lucy Feng Delivering Oracle Success Safeguard Sensitive Data in EBS: A Look at Oracle Database Vault, Transparent Data Encryption, and Data Masking Lucy Feng RMOUG Training Days February 2012 About DBAK Oracle Solution

More information

Welcome Tata Consulting Services, DSP Managed Services IBM and Azlan. Oracle e-business Suite. R12 Upgrade Workshop Summer 2011

Welcome Tata Consulting Services, DSP Managed Services IBM and Azlan. Oracle e-business Suite. R12 Upgrade Workshop Summer 2011 Welcome Tata Consulting Services, DSP Managed Services IBM and Azlan Oracle e-business Suite R12 Upgrade Workshop Summer 2011 Agenda 10:00 Welcome & Introductions Industry Implementation Challenges 10:30

More information

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control

More information

Oracle Database 12c: Administration Workshop NEW

Oracle Database 12c: Administration Workshop NEW Oracle University Contact Us: 1.800.529.0165 Oracle Database 12c: Administration Workshop NEW Duration: 5 Days What you will learn The Oracle Database 12c: Administration Workshop will teach you about

More information

Planning, Provisioning and Deploying Enterprise Clouds with Oracle Enterprise Manager 12c Kevin Patterson, Principal Sales Consultant, Enterprise

Planning, Provisioning and Deploying Enterprise Clouds with Oracle Enterprise Manager 12c Kevin Patterson, Principal Sales Consultant, Enterprise Planning, Provisioning and Deploying Enterprise Clouds with Oracle Enterprise Manager 12c Kevin Patterson, Principal Sales Consultant, Enterprise Manager Oracle NIST Definition of Cloud Computing Cloud

More information

An Oracle White Paper June 2013. Data Masking Best Practice

An Oracle White Paper June 2013. Data Masking Best Practice An Oracle White Paper June 2013 Data Masking Best Practice Executive Overview... 2 Introduction Why mask data?... 2 The Challenges of masking non-production environments... 4 Implementing Data Masking...

More information

Kovaion Data Masking Solution

Kovaion Data Masking Solution Kovaion Data Masking Solution Date Email Website : Apr-2016 : info@kovaion.com : www.kovaion.com Kovaion Consulting DATA MASKING SOLUTION OVERVIEW Obfuscation of Sensitive Data Prevent data theft from

More information

Top Five Database Security and Compliance Resolutions for 2008

Top Five Database Security and Compliance Resolutions for 2008 Top Five Database Security and Compliance Resolutions for 2008 Speakers Michael Krieger, VP, Market Experts Group Ziff Davis Enterprise Rich Mogull, Founder Securosis Roxana Bradescu, Senior Product Director,

More information

The Weakest Link : Securing large, complex, global Oracle ebusiness Suite solutions

The Weakest Link : Securing large, complex, global Oracle ebusiness Suite solutions The Weakest Link : Securing large, complex, global Oracle ebusiness Suite solutions Radomir Vranesevic Director and IT Architect Oracle Certified Master, CISSP Fusion Professionals 1 Agenda Introduction

More information

Informatica Dynamic Data Masking

Informatica Dynamic Data Masking Informatica Dynamic Data Masking Preventing Data Breaches with Benchmark-Proven Performance WHITE PAPER This document contains Confidential, Proprietary and Trade Secret Information ( Confidential Information

More information

Obtaining Value from Your Database Activity Monitoring (DAM) Solution

Obtaining Value from Your Database Activity Monitoring (DAM) Solution Obtaining Value from Your Database Activity Monitoring (DAM) Solution September 23, 2015 Mike Miller Chief Security Officer Integrigy Corporation Stephen Kost Chief Technology Officer Integrigy Corporation

More information

Integrated Data Management: Discovering what you may not know

Integrated Data Management: Discovering what you may not know Integrated Data Management: Discovering what you may not know Eric Naiburg ericnaiburg@us.ibm.com Agenda Discovering existing data assets is hard What is Discovery Discovery and archiving Discovery, test

More information

Test Data Management for Security and Compliance

Test Data Management for Security and Compliance White Paper Test Data Management for Security and Compliance Reducing Risk in the Era of Big Data WHITE PAPER This document contains Confidential, Proprietary and Trade Secret Information ( Confidential

More information

Security Solutions. MyDBA s. Security Solutions. For Databases. October 2012. Copyright 2012 MyDBA CC. Version 3

Security Solutions. MyDBA s. Security Solutions. For Databases. October 2012. Copyright 2012 MyDBA CC. Version 3 MyDBA s Security Solutions For Databases October 2012 Version 3 The Protection of Personal Information (POPI) Bill The Bill requires that: Anyone who processes personal information will need to take appropriate

More information

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking

More information

An Oracle White Paper April 2014. Oracle Audit Vault and Database Firewall

An Oracle White Paper April 2014. Oracle Audit Vault and Database Firewall An Oracle White Paper April 2014 Oracle Audit Vault and Database Firewall Introduction... 2 Oracle Audit Vault and Database Firewall Overview... 3 Auditing and Monitoring Overview... 3 Audit Vault... 4

More information

IBM InfoSphere Optim Test Data Management

IBM InfoSphere Optim Test Data Management IBM InfoSphere Optim Test Data Management Highlights Create referentially intact, right-sized test databases or data warehouses Automate test result comparisons to identify hidden errors and correct defects

More information

Understanding holistic database security

Understanding holistic database security Information Management White Paper Understanding holistic database security 8 steps to successfully securing enterprise data sources 2 Understanding holistic database security News headlines about the

More information

Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals

Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals November 13, 2014 Michael Miller Chief Security Officer Integrigy Corporation Stephen Kost Chief Technology Officer

More information

InfoSphere Guardium Ingmārs Briedis (ingmars.briedis@also.com) IBM SW solutions

InfoSphere Guardium Ingmārs Briedis (ingmars.briedis@also.com) IBM SW solutions InfoSphere Guardium Ingmārs Briedis (ingmars.briedis@also.com) IBM SW solutions Agenda Any questions unresolved? The Guardium Architecture Integration with Existing Infrastructure Summary Any questions

More information

Real Application Testing. Fred Louis Oracle Enterprise Architect

Real Application Testing. Fred Louis Oracle Enterprise Architect Real Application Testing Fred Louis Oracle Enterprise Architect The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated

More information

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

Protect the data that drives our customers business. Data Security. Imperva s mission is simple: The Imperva Story Who We Are Imperva is the global leader in data security. Thousands of the world s leading businesses, government organizations, and service providers rely on Imperva solutions to prevent

More information

IBM InfoSphere Optim Test Data Management Solution

IBM InfoSphere Optim Test Data Management Solution IBM InfoSphere Optim Test Data Management Solution Highlights Create referentially intact, right-sized test databases Automate test result comparisons to identify hidden errors Easily refresh and maintain

More information

Oracle Database 12c Security and Compliance O R A C L E W H I T E P A P E R F E B R U A R Y 2 0 1 5

Oracle Database 12c Security and Compliance O R A C L E W H I T E P A P E R F E B R U A R Y 2 0 1 5 Oracle Database 12c Security and Compliance O R A C L E W H I T E P A P E R F E B R U A R Y 2 0 1 5 Table of Contents Introduction 2 Oracle Database 12c Security 3 Preventing Database Bypass 3 Preventing

More information

Oracle Database 12c Plug In. Switch On. Get SMART.

Oracle Database 12c Plug In. Switch On. Get SMART. Oracle Database 12c Plug In. Switch On. Get SMART. Duncan Harvey Head of Core Technology, Oracle EMEA March 2015 Safe Harbor Statement The following is intended to outline our general product direction.

More information

Data-Centric Security vs. Database-Level Security

Data-Centric Security vs. Database-Level Security TECHNICAL BRIEF Data-Centric Security vs. Database-Level Security Contrasting Voltage SecureData to solutions such as Oracle Advanced Security Transparent Data Encryption Introduction This document provides

More information

Comprehensive Approach to Database Security

Comprehensive Approach to Database Security Comprehensive Approach to Database Security asota@hotmail.com NYOUG 2008 1 What will I discuss today Identify Threats, Vulnerabilities and Risk to Databases Analyze the drivers for Database Security Identify

More information

Database Security Questions HOUG 2016. Fehér Lajos. Copyright 2015, Oracle and/or its affiliates. All rights reserved.

Database Security Questions HOUG 2016. Fehér Lajos. Copyright 2015, Oracle and/or its affiliates. All rights reserved. Database Security Questions HOUG 2016 Fehér Lajos 1 How Data Gets Compromised? Source: Verizon Data Breach Investigations Report Copyright 2015, Oracle and/or 2its affiliates. All rights reserved. Where

More information

Governance, Risk & Compliance for Public Sector

Governance, Risk & Compliance for Public Sector Governance, Risk & Compliance for Public Sector Steve Hagner EMEA GRC Solution Sales From egovernment to Oracle igovernment Increase Efficiency and Transparency Oracle igovernment

More information

An Oracle White Paper January 2012. Oracle Database Firewall

An Oracle White Paper January 2012. Oracle Database Firewall An Oracle White Paper January 2012 Oracle Database Firewall Introduction... 2 Oracle Database Firewall Overview... 3 Oracle Database Firewall... 3 White List for Positive Security Enforcement... 4 Black

More information

8 Steps to Holistic Database Security

8 Steps to Holistic Database Security Information Management White Paper 8 Steps to Holistic Database Security By Ron Ben Natan, Ph.D., IBM Distinguished Engineer, CTO for Integrated Data Management 2 8 Steps to Holistic Database Security

More information

Database Auditing: Best Practices. Rob Barnes, CISA Director of Security, Risk and Compliance Operations rbarnes@appsecinc.com

Database Auditing: Best Practices. Rob Barnes, CISA Director of Security, Risk and Compliance Operations rbarnes@appsecinc.com Database Auditing: Best Practices Rob Barnes, CISA Director of Security, Risk and Compliance Operations rbarnes@appsecinc.com Verizon 2009 Data Breach Investigations Report: 285 million records were compromised

More information

Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach karsten.mueller-corbach@oracle.com

Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach karsten.mueller-corbach@oracle.com R2 Oracle Privileged Account Manager 11gR2 Karsten Müller-Corbach karsten.mueller-corbach@oracle.com The following is intended to outline our general product direction. It is intended for information purposes

More information

Information Security & Privacy Solutions Enabling Information Governance

Information Security & Privacy Solutions Enabling Information Governance Information Security & Privacy Solutions Enabling Information Governance LYNDA KEITANY IM SALES SPECIALIST July 11, 2012 What s at Stake? Damage to company reputation Brand equity damage; negative publicity

More information

Move to Oracle Database with Oracle SQL Developer Migrations

<Insert Picture Here> Move to Oracle Database with Oracle SQL Developer Migrations Move to Oracle Database with Oracle SQL Developer Migrations The following is intended to outline our general product direction. It is intended for information purposes only, and

More information

Quest InTrust. Version 8.0. What's New. Active Directory Exchange Windows

Quest InTrust. Version 8.0. What's New. Active Directory Exchange Windows Quest InTrust Version 8.0 What's New Active Directory Exchange Windows Abstract This document describes the new features and capabilities of Quest InTrust 8.0. Copyright 2004 Quest Software, Inc. and Quest

More information

Oracle Database 12c: Administration Workshop NEW. Duration: 5 Days. What you will learn

Oracle Database 12c: Administration Workshop NEW. Duration: 5 Days. What you will learn Oracle Database 12c: Administration Workshop NEW Duration: 5 Days What you will learn The Oracle Database 12c: Administration Workshop will teach you about the Oracle Database architecture. You will discover

More information

CON9488 The Enterprise Cloud Simplified with Oracle VM

CON9488 The Enterprise Cloud Simplified with Oracle VM CON9488 The Enterprise Cloud Simplified with Oracle VM Andy Herm, Senior Architect, Cloud Infrastructure, Oracle Conor Wentz, Senior Architect, Cloud Infrastructure, Oracle Honglin Su, Sr. Director of

More information