Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Copyright 2012, Oracle and/or its affiliates. All rights reserved."

Transcription

1 1

2 Oracle Database Security Advanced Security Option Thanos Terentes Printzios DB & Options Specialist A&C Technology Adoption Office Oracle Partner Business Development, ECEMEA 2

3 What is a customers INFORMATION most Valuable Asset? 3

4 Information is Data Two-thirds of sensitive and regulated information now resides in databases and doubling every two years HR Data Citizen Data Credit Cards Customer Data Financial Data Classified Govt. Info. 48% Data Breaches Caused by Insiders Trade Secrets 89% Records Competitive Stolen Bids Using SQL Injection Corporate Plans 86% Hacking Source Used Code Stolen Credentials Bug Database Source: Verizon, & IDC, "Effective Data Leak Prevention Programs: Start by Protecting Data at the Source", August

5 Why Database Security? Two thirds of sensitive regulated information now resides in databases, and it is doubling every 2 years. Source: "Effective Data Leak Prevention Programs: Start by Protecting Data at the Source Your Databases", IDC, August Of all the records breached at large organizations, 98% involved a compromised database server. Source: Verizon Business 2012 Data Breach Investigations Report, Verizon, June

6 IT Security Not Addressing Database Security Databases hold the crown jewels for organizations but often don t get the strong focus they need when it comes to data security planning. Forrester estimates that although 70% of enterprises have an information security plan, only 20% of enterprises have a database security plan. Source: Creating An Enterprise Database Security Plan, July

7 Data Security becoming Top IT Priority Source: Forrester Research Inc. The State Of Enterprise IT Security And Emerging Trends: 2009 To 2010, Jan. 25 th

8 Why Secure the Database? Copyright 2011 Copyright Oracle. 2012, All rights Oracle reserved. and/or its affiliates. All rights reserved. 8 8

9 Database Security Defense in Depth Mitigate Database Bypass Prevent Application Bypass Consolidate Auditing and Compliance Reporting Monitor Database Traffic and Block Threats Protect All Database Environments Prevent access to data at OS, storage, network, media layers Transparent data encryption for data at rest, in transit, on media Separation of duties for key management Privileged user access control to limit access to application data Multi-factor authorization for enforcing enterprise security policies Secure application consolidation Native Oracle and non-oracle database auditing, centralized audit policies Consolidate, secure, analyze audit trail, alert on suspicious activities Report for compliance & security, automate database audit workflow Monitor Oracle & non-oracle database traffic over the network Block threats like SQL injection attacks before reaching databases Enforce normal database activity, lightweight monitoring Sensitive data discovery for production Secure database lifecycle management, configuration scanning, patch automation Mask data for nonproduction development & test 9

10 Database Security Defense in Depth Mitigate Database Bypass Prevent Application Bypass Consolidate Auditing and Compliance Reporting Monitor Database Traffic and Block Threats Protect All Database Environments Prevent access to data at OS, storage, network, media layers Transparent data encryption for data at rest, in transit, on media Separation of duties for key management 10

11 Advanced Security Optons Easy Data Encryption in the Database 11

12 Oracle Advanced Security Protect Data from Unauthorized Database Users Disk Application Backups Exports Off-Site Facilities Prevents database by-pass with complete end-to-end data encryption Efficient application data encryption without application changes Built-in key management with separation of duties High performance and easy to deploy 12

13 Oracle Advanced Security Database Traffic Network Encryption Network traffic entirely encrypted to prevent man in the middle attacks AES, RSA RC4, and DES/3DES Data integrity checksums - prevent modification, replay, missing packet, etc. MD5 and SHA-1 No infrastructure changes required, point-and-click implementation 13

14 Oracle Advanced Security Strong Authentication Authenticates users, servers, and linked databases Centralizes authentication, taking it out of the DBA s exclusive control Supports single sign-on deployments and popular directory services Enables strong multi-factor authentication 14

15 Evolution of Oracle Advanced Security Network Encryption & Strong Authentication Column TDE & Wallet Key Management Tablespace TDE & Hardware Acceleration & Exadata Optimizations Oracle 9i Oracle 10g Oracle 11g 15

16 Transparent Data Encryption Encryption Key Architecture Hardware Security Module Tablespace Key Table Key Standard Wallet Auto-Open Wallet Master Key Local Auto-Open Wallet Oracle Wallet TDE Tablespace Encryption TDE Column Encryption 16

17 Oracle Advanced Security Transparent Data Encryption for Columns Support for all column types, including Oracle Database 11g SecureFile Data is cached encrypted in the SGA Decrypted only when you dereference it, encrypted every time you modify it Indexing supported, but the index is indexing encrypted data (not sorted!) Encryption keys are table specific - means cannot enforce foreign key constraints Undo and Redo generated are encrypted 17

18 Oracle Advanced Security Transparent Data Encryption for Tablespaces All tables in tablespace are encrypted no need to identify specific columns Data encrypted at block level as written out to disk, decrypted when read in Data is cached in the SGA unencrypted Index contains clear text (blocks are encrypted) so no limitations on index use Encryption keys are tablespace specific foreign key constraints can be enforced Undo and Redo generated are encrypted 18

19 Encrypted Tablespaces in Exadata X2 Exadata Smart Scans Encrypted tablespaces can be Smart Scanned Query processing is offloaded to the storage cells Hybrid Columnar Compression Crypto processing occurs on compressed data Results in much less data to encrypt & decrypt Exadata Cryptographic Acceleration Intel AES-NI and Oracle SPARC hardware accelerate the crypto processing by 5x or more 19

20 Oracle Advanced Security Transparent Data Encryption Built-In Key Management Table and Tablespace Keys Master Key Oracle Wallet PKCS #11 API HSM Create a wallet and generate the master key: alter system set key identified by e3car61 Open the wallet: alter system set wallet open identified by e3car61 Rotate master (table/tablespace keys re-encrypted): alter system set key identified by 2naf1sh Rotate table/tablespace keys (data re-encrypted) alter table employee REKEY; Generate, store, and rotate encryption keys Two-tier key management architecture Table and Tablespace keys used to encrypt data (stored in database for performance) Master key used to encrypt Table and Tablespace keys Master key is stored in External Security Module (outside the database) Oracle Wallet (PKCS #12 file) Hardware Security Module (HSM) meets FIPS & Common Criteria reqs using PKCS#11 API Separation of duties -- wallet password is separate from System or DBA password 20

21 Oracle Advanced Security Transparent Data Encryption for Media Disk Backups Exports Off-Site Facilities TDE integrated with Oracle Data Pump for bulk export/import to OS flat files TDE integrated with Oracle RMAN for database backup and recovery RMAN and Data Pump compress and encrypt data Master Key, passphrase, or both can be used to encrypt export and backup files No need to distribute production master key with exports or backups Master key not automatically backed up with database 21

22 Oracle Advanced Security Strong Authentication Strong Authentication Application Kerberos X509 v3 TDE returns clear text data to authenticated, authorized database users Critical to protect against stolen credentials & increase assurance of database user identities, especially privileged application users and DBAs Strong authentication schemes supported Kerberos, PKI & RADIUS (for 1 time passwords tokens, risk-based authentication, etc.) 22

23 Ease of Deployment Data At Rest Encryption Architectural Considerations Disk Easy and Secure Oracle Database NAS Encryption Application Hard and Not Secure Security 23

24 Encryption processing rate (MB/CPU seconds) Oracle Advanced Security Transparent Data Encryption Performance Oracle Database Enterprise Edition AES-256 Encryption 10x speedup Oracle Database Enterprise Edition AES-256 Decryption 8x speedup Intel Xeon Processor X5570 w/o Intel IPP Intel Xeon processor X5680 w/ Intel IPP Intel Xeon Processor X5570 w/o Intel IPP Intel Xeon processor X5680 w/ Intel IPP Encrypting data is expensive is a myth (started with bad third party solutions!) Incremental CPU ~5% with 10x speed-up if cryptographic hardware available Incremental CPU reduced even more if using Oracle Advanced Compression or Exadata Hybrid Columnar Compression (EHCC) If compression ratio is 75%, we have to encrypt 75% less data! 24

25 Oracle Advanced Security Applications and Column TDE Command line syntax for scripts and custom applications Encrypt column in existing table: SQL> alter table clients modify (cr_card_nbr encrypt) Encrypt column in new table: SQL> create table customers( first_name varchar2(64), last_name varchar2(64) encrypt using AES256, cr_card_nbr varchar2(32) encrypt no salt nomac ); Numerous Oracle and non-oracle application certifications Oracle E-Business Suite 11i and Release 12 Oracle PeopleSoft Enterprise Oracle Siebel CRM 7.7+ SAP 640 and 700 Oracle Internet Directory Oracle Internet Directory iflex FLEXCUBE 10.0 RETEK Retail Sales Audit (RESA): RESA and 13.0 (Oracle Database 10gR2) RESA 13.1 (Oracle Database 11gR1) 25

26 Oracle Advanced Security Applications and Tablespace TDE Command line syntax for scripts and custom applications SQL> create tablespace SECURE datafile /opt/enc_tbs.dbf size 100M encryption using AES256 default storage(encrypt); Can t encrypt existing tablespaces Can use partitioning and dbms_redefinition to move data into new encrypted tablespaces without downtime or application changes Numerous Oracle and non-oracle application certifications Oracle E-Business Suite 11i and Release 12 Oracle PeopleSoft Enterprise Oracle Siebel CRM 8.0+ Oracle JD Edwards EnterpriseOne SAP 640_EX2+ (UNIX and Linux) 26

27 Oracle Advanced Security Advanced Protection for the Oracle Database Transparent Data Encryption (TDE) Transparently encrypts data-at-rest in Oracle databases and securely manages the encryption keys Protects against theft or loss of disks and backup media Stops OS users from inspecting the tablespace files Network Encryption Locks-down the database network connections Prevents network sniffing and replay attacks Strong Authentication Signs-in database users via Kerberos, PKI, or Radius Avoids weak passwords that can be stolen or cracked 27

28 How to Encrypt Your Existing Data Online encryption using Online Table Redefinition (OTR) Driven by PL/SQL scripts (DBMS_REDEFINITION) Copies in background, synchronizes deltas, renames at the end Achieves zero downtime Offline encryption using popular Oracle data movement tools Oracle DataPump Export/Import ALTER TABLE MOVE And more 28

29 Assisted Application Migration How To guides and automated migration scripts are available for select Oracle Applications These resources make online migration of data into encrypted tablespaces straightforward (using OTR) Application packages are available for download from the TDE Homepage on Oracle Technology Network Additional Partner Support available at Partner Hub ISV Migration Center 29

30 Database Security Big Picture Activity Audit Data Discovery Compliance Scan Vulnerability Scan Patch Automation Applications Network SQL Monitoring and Blocking Auditing Authorization Authentication Encrypted Database Data Masking Unauthorized DBA Activity Multi-factor authorization 30

31 Oracle Database Security Platform Transparent Data Encryption, Privileged User Controls, Multi-Factor Authorization, Data Classification, and Change Tracking Maximum Security for Oracle Databases: Oracle Advanced Security Oracle Database Vault Oracle Label Security Oracle Total Recall Database Activity Auditing and Reporting, SQL Traffic Monitoring and Blocking, Real-Time Alerting, Workflow Automation Security for Oracle and non-oracle Databases Outside the Database: Oracle Audit Vault Oracle Database Firewall Secure Configuration Scanning, Automated Patching, Configuration Change Control, Sensitive Data Discovery, Data Masking Security for Production and non- Production Database Environments: Oracle Database Lifecycle Oracle Enterprise Manager Oracle Data Masking 31

32 Oracle Maximum Security Architecture Secure Configuration Scanning Patch Management Enterprise Manager Applications Oracle Audit Vault Procurement Sensitive Auditing Authorization Confidential HR Authentication Rebates Public Unauthorized DBA Activity Multi-factor Authorization DB Consolidation Security Oracle Database Vault Oracle Database Firewall Encrypted Database Encrypted Traffic Oracle Advanced Security Mask For Test and Dev Oracle Data Masking 32

33 Q&A You can also address your questions at the local South Africa Partner Hub ISV Migration Center 33

34 34

35 35

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information The following is intended to outline our general product direction. It is intended for information purposes only,

More information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information Proteggere i dati direttamente nel database Una proposta tecnologica Angelo Maria Bosis Sales Consulting Senior Manager

More information

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Copyright 2013, Oracle and/or its affiliates. All rights reserved. 1 Security Inside-Out with Oracle Database 12c Denise Mallin, CISSP Oracle Enterprise Architect - Security The following is intended to outline our general product direction. It is intended for information

More information

Oracle White Paper October 2010. Oracle Advanced Security with Oracle Database 11g Release 2

Oracle White Paper October 2010. Oracle Advanced Security with Oracle Database 11g Release 2 Oracle White Paper October 2010 Oracle Advanced Security with Oracle Database 11g Release 2 Introduction... 1 Oracle Advanced Security... 2 Transparent Data Encryption... 3 Support for hardware-based encryption

More information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information 1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information The following is intended to outline our general product direction. It is intended for information purposes only,

More information

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Copyright 2013, Oracle and/or its affiliates. All rights reserved. 1 Solutions for securing and auditing Oracle database Edgars Ruņģis Technology Consultant Why Are Databases Vulnerable? 80% of IT Security Programs Don t Address Database Security Forrester Research Enterprises

More information

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Copyright 2013, Oracle and/or its affiliates. All rights reserved. 1 Security Inside Out Latest Innovations in Oracle Database 12c Jukka Männistö Database Architect Oracle Nordic Coretech Presales The 1995-2014 Security Landscape Regulatory Landscape HIPAA, SOX (2002),

More information

Protecting Sensitive Data Reducing Risk with Oracle Database Security

Protecting Sensitive Data Reducing Risk with Oracle Database Security Protecting Sensitive Data Reducing Risk with Oracle Database Security Antonio.Mata.Gomez@oracle.com Information Security Architect Agenda 1 2 Anatomy of an Attack Three Steps to Securing an Oracle Database

More information

Oracle Database Security

Oracle Database Security Oracle Database Security Paul Needham, Senior Director, Product Management, Database Security Target of Data Breaches 2010 Data Breach Investigations Report Type Category % Breaches

More information

Oracle Database Security. Paul Needham Senior Director, Product Management Database Security

Oracle Database Security. Paul Needham Senior Director, Product Management Database Security Oracle Database Security Paul Needham Senior Director, Product Management Database Security Safe Harbor Statement The following is intended to outline our general product direction. It is intended for

More information

<Insert Picture Here> Oracle Database Security Overview

<Insert Picture Here> Oracle Database Security Overview Oracle Database Security Overview Tammy Bednar Sr. Principal Product Manager tammy.bednar@oracle.com Data Security Challenges What to secure? Sensitive Data: Confidential, PII, regulatory

More information

Securing Data in Oracle Database 12c

Securing Data in Oracle Database 12c Securing Data in Oracle Database 12c Thomas Kyte http://asktom.oracle.com/ Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes

More information

Oracle Database Encryption

Oracle Database Encryption By Craig Moir craig@mydba.co.za http://www.mydba.co.za August 2012 Version 1 WHAT IS ENCRYPTION? Encryption is the process of transforming information, using an algorithm or an encryption key, into an

More information

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Copyright 2013, Oracle and/or its affiliates. All rights reserved. 1 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any

More information

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Copyright 2012, Oracle and/or its affiliates. All rights reserved. 1 Seguridad en profundidad Jaime Briggs MSc CS, CISSP, CCSK Sales Manager Strategic accounts Agenda Los Controles ISO 27001 Defensa en Profundidad Productos que dan respuesta Roadmap a seguridad Q&A 3

More information

Oracle 1Z0-528 Exam Questions & Answers

Oracle 1Z0-528 Exam Questions & Answers Oracle 1Z0-528 Exam Questions & Answers Number: 1Z0-528 Passing Score: 660 Time Limit: 120 min File Version: 21.1 http://www.gratisexam.com/ Oracle 1Z0-528 Exam Questions & Answers Exam Name: Oracle Database

More information

Oracle Database Security Solutions

Oracle Database Security Solutions Oracle Database Security Solutions Eric Cheung Senior Manager, Technology Sales Consulting Eric.cheung@oracle.com May 2008 Key Drivers for Data Security Privacy and Compliance Sarbanes-Oxley

More information

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Copyright 2012, Oracle and/or its affiliates. All rights reserved. 1 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any

More information

An Oracle White Paper June 2013. Encryption and Redaction in Oracle Database 12c with Oracle Advanced Security

An Oracle White Paper June 2013. Encryption and Redaction in Oracle Database 12c with Oracle Advanced Security An Oracle White Paper June 2013 Encryption and Redaction in Oracle Database 12c with Oracle Advanced Security Introduction... 1 Preventing Database Bypass with Encryption... 2 Oracle Advanced Security

More information

Complete Database Security. Thomas Kyte http://asktom.oracle.com/

Complete Database Security. Thomas Kyte http://asktom.oracle.com/ Complete Database Security Thomas Kyte http://asktom.oracle.com/ Agenda Enterprise Data Security Challenges Database Security Strategy Oracle Database Security Solutions Defense-in-Depth Q&A 2 Copyright

More information

Database Security & Compliance with Audit Vault and Database Firewall. Pierre Leon Database Security

Database Security & Compliance with Audit Vault and Database Firewall. Pierre Leon Database Security Database Security & Compliance with Audit Vault and Database Firewall Pierre Leon Database Security 1 Topics Encryption Authentication Authorising highly privileged users Access control by data classification

More information

Guardium Change Auditing System (CAS)

Guardium Change Auditing System (CAS) Guardium Change Auditing System (CAS) Highlights. Tracks all changes that can affect the security of database environments outside the scope of the database engine Complements Guardium's Database Activity

More information

An Oracle White Paper June 2009. Oracle Database 11g: Cost-Effective Solutions for Security and Compliance

An Oracle White Paper June 2009. Oracle Database 11g: Cost-Effective Solutions for Security and Compliance An Oracle White Paper June 2009 Oracle Database 11g: Cost-Effective Solutions for Security and Compliance Protecting Sensitive Information Information ranging from trade secrets to financial data to privacy

More information

<Insert Picture Here> Oracle Database Vault

<Insert Picture Here> Oracle Database Vault Oracle Database Vault Kamal Tbeileh Senior Principal Product Manager, Database Security The following is intended to outline our general product direction. It is intended for information

More information

An Oracle White Paper June 2013. Security and Compliance with Oracle Database 12c

An Oracle White Paper June 2013. Security and Compliance with Oracle Database 12c An Oracle White Paper June 2013 Security and Compliance with Oracle Database 12c Introduction... 3 Oracle Database 12c Security... 4 Locating and Cataloging Your Sensitive Data... 4 Monitoring the Configuration

More information

Efficient Key Management for Oracle Database 11g Release 2 Using Hardware Security Modules

Efficient Key Management for Oracle Database 11g Release 2 Using Hardware Security Modules Efficient Key Management for Oracle Database 11g Release 2 Using Hardware Security Modules WHITE PAPER Thales e-security www.thalesesec.com/oracle TABLE OF CONTENT Introduction...3 Oracle Database 11g

More information

Copyright 2014 Oracle and/or its affiliates. All rights reserved.

Copyright 2014 Oracle and/or its affiliates. All rights reserved. Copyright 2014 Oracle and/or its affiliates. All rights reserved. Oracle Data Masking and Subsetting Oracle Advanced Security Best Practices for Database Encryption and Redaction Todd Bottger Sr. Principal

More information

Next Generation Solutions for Indian Railways. Sundar Ram VP, Technology Sales Consulting

Next Generation Solutions for Indian Railways. Sundar Ram VP, Technology Sales Consulting Next Generation Solutions for Indian Railways Sundar Ram VP, Technology Sales Consulting Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information

More information

Security It s an ecosystem thing

Security It s an ecosystem thing Security It s an ecosystem thing Joseph Alhadeff Vice President Global Public Policy, Chief Privacy Strategist The Security challenge in the before time. Today s Threat Environment

More information

MySQL Security: Best Practices

MySQL Security: Best Practices MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes

More information

An Oracle White Paper April 2014. Security and Compliance with Oracle Database 12c

An Oracle White Paper April 2014. Security and Compliance with Oracle Database 12c An Oracle White Paper April 2014 Security and Compliance with Oracle Database 12c Introduction... 2 Oracle Database 12c Security... 3 Protecting Against Database Bypass Threats... 3 Limiting Sensitive

More information

Oracle Database 11g: Security Release 2. Course Topics. Introduction to Database Security. Choosing Security Solutions

Oracle Database 11g: Security Release 2. Course Topics. Introduction to Database Security. Choosing Security Solutions Oracle Database 11g: Security Release 2 In this course, students learn how they can use Oracle Database features to meet the security, privacy and compliance requirements of their organization. The current

More information

Transparent Data Encryption: New Technologies and Best Practices for Database Encryption

Transparent Data Encryption: New Technologies and Best Practices for Database Encryption Sponsored by Oracle : New Technologies and Best Practices for Database Encryption A SANS Whitepaper April 2010 Written by Tanya Baccam, SANS senior instructor and course author for SEC509: Oracle Database

More information

All Things Oracle Database Encryption

All Things Oracle Database Encryption All Things Oracle Database Encryption January 21, 2016 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development Integrigy Corporation Agenda Database Encryption

More information

Oracle Advanced Security Transparent Data Encryption Best Practices

Oracle Advanced Security Transparent Data Encryption Best Practices An Oracle White Paper July 2012 Oracle Advanced Security Transparent Data Encryption Best Practices Introduction... 1 Important Concepts... 1 Hardware cryptographic acceleration with SPARC T4 and Intel...

More information

D50323GC20 Oracle Database 11g: Security Release 2

D50323GC20 Oracle Database 11g: Security Release 2 D50323GC20 Oracle Database 11g: Security Release 2 What you will learn In this course, you'll learn how to use Oracle Database features to meet the security, privacy and compliance requirements of their

More information

Oracle Database 11g: Security. What you will learn:

Oracle Database 11g: Security. What you will learn: Oracle Database 11g: Security What you will learn: In Oracle Database 11g: Security course students learn how they can use Oracle database features to meet the security, privacy and compliance requirements

More information

Oracle Database 11g: Security Release 2

Oracle Database 11g: Security Release 2 Oracle University Contact Us: 1.800.529.0165 Oracle Database 11g: Security Release 2 Duration: 5 Days What you will learn In this course, you'll learn how to use Oracle Database features to meet the security,

More information

Safeguard Sensitive Data in EBS: A Look at Oracle Database Vault, Transparent Data Encryption, and Data Masking. Lucy Feng

Safeguard Sensitive Data in EBS: A Look at Oracle Database Vault, Transparent Data Encryption, and Data Masking. Lucy Feng Delivering Oracle Success Safeguard Sensitive Data in EBS: A Look at Oracle Database Vault, Transparent Data Encryption, and Data Masking Lucy Feng RMOUG Training Days February 2012 About DBAK Oracle Solution

More information

SafeNet DataSecure vs. Native Oracle Encryption

SafeNet DataSecure vs. Native Oracle Encryption SafeNet vs. Native Encryption Executive Summary Given the vital records databases hold, these systems often represent one of the most critical areas of exposure for an enterprise. Consequently, as enterprises

More information

An Oracle White Paper March 2010. Oracle Transparent Data Encryption for SAP

An Oracle White Paper March 2010. Oracle Transparent Data Encryption for SAP An Oracle White Paper March 2010 Oracle Transparent Data Encryption for SAP Introduction Securing sensitive customer data has become more and more important in the last years. One possible threat is confidential

More information

<Insert Picture Here> PCI DSS-Payment Card Industry. Security Summit 2010. Master Principal Sales Consultant - Alfredo Valenza - Oracle Italia

<Insert Picture Here> PCI DSS-Payment Card Industry. Security Summit 2010. Master Principal Sales Consultant - Alfredo Valenza - Oracle Italia PCI DSS-Payment Card Industry Data Security Standard Security Summit 2010 Master Principal Sales Consultant - Alfredo Valenza - Oracle Italia This document is for informational purposes.

More information

Oracle Database 11g: Security

Oracle Database 11g: Security Oracle University Contact Us: +27 (0)11 319-4111 Oracle Database 11g: Security Duration: 5 Days What you will learn In Oracle Database 11g: Security course students learn how to use Oracle database features

More information

Database Security Questions HOUG 2016. Fehér Lajos. Copyright 2015, Oracle and/or its affiliates. All rights reserved.

Database Security Questions HOUG 2016. Fehér Lajos. Copyright 2015, Oracle and/or its affiliates. All rights reserved. Database Security Questions HOUG 2016 Fehér Lajos 1 How Data Gets Compromised? Source: Verizon Data Breach Investigations Report Copyright 2015, Oracle and/or 2its affiliates. All rights reserved. Where

More information

Oracle Database 11g: New Features for Administrators DBA Release 2

Oracle Database 11g: New Features for Administrators DBA Release 2 Oracle Database 11g: New Features for Administrators DBA Release 2 Duration: 5 Days What you will learn This Oracle Database 11g: New Features for Administrators DBA Release 2 training explores new change

More information

Oracle Database 11g R1 & R2: New Features for Administrators

Oracle Database 11g R1 & R2: New Features for Administrators Oracle Database 11g R1 & R2: New Features for Administrators Summary This Oracle 11g course will assist experienced Oracle database administrators to quickly learn the new features and concepts associated

More information

05.0 Application Development

05.0 Application Development Number 5.0 Policy Owner Information Security and Technology Policy Application Development Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 5. Application Development

More information

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Copyright 2012, Oracle and/or its affiliates. All rights reserved. 1 Introducing Oracle Audit Vault and Database Firewall Billions of Database Records Breached Globally 97% of Breaches Were Avoidable with Basic Controls 98% records stolen from databases 84% records breached

More information

Making Database Security an IT Security Priority

Making Database Security an IT Security Priority Sponsored by Oracle Making Database Security an IT Security Priority A SANS Whitepaper November 2009 Written by Tanya Baccam Security Strategy Overview Why a Database Security Strategy? Making Databases

More information

Encrypting Sensitive Data in Oracle E-Business Suite

Encrypting Sensitive Data in Oracle E-Business Suite Encrypting Sensitive Data in Oracle E-Business Suite December 19, 2013 Stephen Kost Chief Technology Officer Integrigy Corporation About Integrigy ERP Applications Oracle E-Business Suite Databases Oracle

More information

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Copyright 2012, Oracle and/or its affiliates. All rights reserved. 1 Cumplimiento de PMG SSI para sector Gobierno en Chile Jaime Briggs MSc CS, CISSP, CCSK Sales Manager Strategic accounts jaime.briggs@oracle.com Agenda Pilares Fundamentales de SSI Desafios de Seguridad

More information

Data-Centric Security vs. Database-Level Security

Data-Centric Security vs. Database-Level Security TECHNICAL BRIEF Data-Centric Security vs. Database-Level Security Contrasting Voltage SecureData to solutions such as Oracle Advanced Security Transparent Data Encryption Introduction This document provides

More information

Agenda. Sedat Zencirci Technology Sales Consultancy Manager. Oracle Technology Stack. Business Requirements and Oracle offerings

Agenda. Sedat Zencirci Technology Sales Consultancy Manager. Oracle Technology Stack. Business Requirements and Oracle offerings Sedat Zencirci Technology Sales Consultancy Manager Agenda Oracle Technology Stack Oracle Database Oracle Fusion MiddleWare Oracle Applications Business Requirements and Oracle offerings High Availability

More information

InfoSphere Guardium Ingmārs Briedis (ingmars.briedis@also.com) IBM SW solutions

InfoSphere Guardium Ingmārs Briedis (ingmars.briedis@also.com) IBM SW solutions InfoSphere Guardium Ingmārs Briedis (ingmars.briedis@also.com) IBM SW solutions Agenda Any questions unresolved? The Guardium Architecture Integration with Existing Infrastructure Summary Any questions

More information

Oracle Advanced Security Technical White Paper. An Oracle White Paper June 2007

Oracle Advanced Security Technical White Paper. An Oracle White Paper June 2007 Oracle Advanced Security Technical White Paper An Oracle White Paper June 2007 Oracle Advanced Security Technical White Paper INTRODUCTION 4 ORACLE DATABASE ENCRYPTION OVERVIEW 4 TRANSPARENT DATA ENCRYPTION

More information

Oracle Database 12c Plug In. Switch On. Get SMART.

Oracle Database 12c Plug In. Switch On. Get SMART. Oracle Database 12c Plug In. Switch On. Get SMART. Duncan Harvey Head of Core Technology, Oracle EMEA March 2015 Safe Harbor Statement The following is intended to outline our general product direction.

More information

Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks

Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks EXTENDING ACCESS WHILE ENHANCING CONTROL FOR YOUR ORGANIZATION S DATA LEVERAGE THE POWER OF F5 AND ORACLE TO DELIVER SECURE ACCESS TO APPLICATIONS AND DATABASES Hayri Tarhan, Sr. Manager, Public Sector

More information

Intelligent Security Design, Development and Acquisition

Intelligent Security Design, Development and Acquisition PAGE 1 Intelligent Security Design, Development and Acquisition Presented by Kashif Dhatwani Security Practice Director BIAS Corporation Agenda PAGE 2 Introduction Security Challenges Securing the New

More information

Protecting Data Assets and Reducing Risk

Protecting Data Assets and Reducing Risk Protecting Data Assets and Reducing Risk Michelle Malcher Enterprise Database Security Oracle Open World 2014 2014 Wells Fargo Bank, N.A. All rights reserved. For public use. 1 Introduction Michelle Malcher

More information

Oracle Database. Advanced Security Guide 12c Release 1 (12.1) E17729-14

Oracle Database. Advanced Security Guide 12c Release 1 (12.1) E17729-14 Oracle Database Advanced Security Guide 12c Release 1 (12.1) E17729-14 May 2013 Oracle Database Advanced Security Guide, 12c Release 1 (12.1) E17729-14 Copyright 1996, 2013, Oracle and/or its affiliates.

More information

<Insert Picture Here> Oracle Database Directions Fred Louis Principal Sales Consultant Ohio Valley Region

<Insert Picture Here> Oracle Database Directions Fred Louis Principal Sales Consultant Ohio Valley Region Oracle Database Directions Fred Louis Principal Sales Consultant Ohio Valley Region 1977 Oracle Database 30 Years of Sustained Innovation Database Vault Transparent Data Encryption

More information

Oracle Database - Engineered for Innovation. Sedat Zencirci Teknoloji Satış Danışmanlığı Direktörü Türkiye ve Orta Asya

Oracle Database - Engineered for Innovation. Sedat Zencirci Teknoloji Satış Danışmanlığı Direktörü Türkiye ve Orta Asya Oracle Database - Engineered for Innovation Sedat Zencirci Teknoloji Satış Danışmanlığı Direktörü Türkiye ve Orta Asya Oracle Database 11g Release 2 Shipping since September 2009 11.2.0.3 Patch Set now

More information

Oracle Identity Management Securing The New Digital Experience

Oracle Identity Management Securing The New Digital Experience Oracle Identity Management Securing The New Digital Experience Security: User Single Sign-On, Certifying User Access, and Masking Sensitive Data Henry Anzarouth Principal Sales Consultant, Security and

More information

Oracle 11g New Features - OCP Upgrade Exam

Oracle 11g New Features - OCP Upgrade Exam Oracle 11g New Features - OCP Upgrade Exam This course gives you the opportunity to learn about and practice with the new change management features and other key enhancements in Oracle Database 11g Release

More information

Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach karsten.mueller-corbach@oracle.com

Oracle Privileged Account Manager 11gR2. Karsten Müller-Corbach karsten.mueller-corbach@oracle.com R2 Oracle Privileged Account Manager 11gR2 Karsten Müller-Corbach karsten.mueller-corbach@oracle.com The following is intended to outline our general product direction. It is intended for information purposes

More information

Balancing Security Investment Against Today's Threat Environment

Balancing Security Investment Against Today's Threat Environment Balancing Security Investment Against Today's Threat Environment Niel Pandya Data Security, Senior Manager, Oracle ASEAN The following is intended to outline our general product direction.

More information

nshield Modules Integration Guide for Oracle Database 11g Release 2 Transparent Data Encryption

nshield Modules Integration Guide for Oracle Database 11g Release 2 Transparent Data Encryption nshield Modules Integration Guide for Oracle Database 11g Release 2 Transparent Data Encryption Version: 2.0 Date: 01 November 2013 Copyright 2013 Thales e-security Limited. All rights reserved. Copyright

More information

Oracle Database 11g: Security

Oracle Database 11g: Security Oracle Database 11g: Security Student Guide D52365GC10 Edition 1.0 October 2007 PRODUCTION This documentation contains proprietary information of Oracle Corporation. It is provided under a license agreement

More information

Objectif. Participant. Prérequis. Pédagogie. Oracle Database 11g - New Features for Administrators Release 2. 5 Jours [35 Heures]

Objectif. Participant. Prérequis. Pédagogie. Oracle Database 11g - New Features for Administrators Release 2. 5 Jours [35 Heures] Objectif Install Oracle Grid Infrastructure Install Oracle Database 11g Release 2 Use Oracle Restart to manage components Use Automatic Storage Management (ASM) enhancements Implement table compression

More information

<Insert Picture Here> How to protect sensitive data, challenges & risks

<Insert Picture Here> How to protect sensitive data, challenges & risks How to protect sensitive data, challenges & risks Lars Klumpes CISSP Security Strategy Consultant EMEA Disclaimer The following is intended to outline our general product direction.

More information

2013 AWS Worldwide Public Sector Summit Washington, D.C.

2013 AWS Worldwide Public Sector Summit Washington, D.C. Washington, D.C. Next Generation Privileged Identity Management Control and Audit Privileged Access Across Hybrid Cloud Environments Ken Ammon, Chief Strategy Officer Who We Are Security software company

More information

<Insert Picture Here>

<Insert Picture Here> 1 Database Technologies for Archiving Kevin Jernigan, Senior Director Product Management Advanced Compression, EHCC, DBFS, SecureFiles, ILM, Database Smart Flash Cache, Total Recall,

More information

2015 Jože Senegačnik Oracle ACE Director

2015 Jože Senegačnik Oracle ACE Director Transparent Data Encryption and Data Redaction in Oracle 12c Jože Senegačnik www.dbprof. - joze.senegacnik@dbprof. 2015 Jože Senegačnik About the Speaker DbProf. Jože Senegačnik First experience with Oracle

More information

Database Auditing: Best Practices. Rob Barnes, CISA Director of Security, Risk and Compliance Operations rbarnes@appsecinc.com

Database Auditing: Best Practices. Rob Barnes, CISA Director of Security, Risk and Compliance Operations rbarnes@appsecinc.com Database Auditing: Best Practices Rob Barnes, CISA Director of Security, Risk and Compliance Operations rbarnes@appsecinc.com Verizon 2009 Data Breach Investigations Report: 285 million records were compromised

More information

Oracle Database 10g: Security Release 2

Oracle Database 10g: Security Release 2 Oracle University Chiamaci: 800 672 253 Oracle Database 10g: Security Release 2 Duration: 4 Days Description In this course, the students learn how they can use Oracle database features to meet the security

More information

Oracle Database 11g: Security

Oracle Database 11g: Security Oracle University Entre em contato: 0800 891 6502 Oracle Database 11g: Security Duração: 5 Dias Objetivos do Curso In Oracle Database 11g: Security course students learn how they can use Oracle database

More information

SecureAge SecureDs Data Breach Prevention Solution

SecureAge SecureDs Data Breach Prevention Solution SecureAge SecureDs Data Breach Prevention Solution In recent years, major cases of data loss and data leaks are reported almost every week. These include high profile cases like US government losing personal

More information

Oracle Database 12c Security and Compliance O R A C L E W H I T E P A P E R F E B R U A R Y 2 0 1 5

Oracle Database 12c Security and Compliance O R A C L E W H I T E P A P E R F E B R U A R Y 2 0 1 5 Oracle Database 12c Security and Compliance O R A C L E W H I T E P A P E R F E B R U A R Y 2 0 1 5 Table of Contents Introduction 2 Oracle Database 12c Security 3 Preventing Database Bypass 3 Preventing

More information

Security and Control Issues within Relational Databases

Security and Control Issues within Relational Databases Security and Control Issues within Relational Databases David C. Ogbolumani, CISA, CISSP, CIA, CISM Practice Manager Information Security Preview of Key Points The Database Environment Top Database Threats

More information

An Oracle White Paper January 2015. Oracle Database Backup Service A Technical White Paper

An Oracle White Paper January 2015. Oracle Database Backup Service A Technical White Paper An Oracle White Paper January 2015 Oracle Database Backup Service A Technical White Paper 1 WHY STORE BACKUPS IN THE CLOUD? ORACLE DATABASE BACKUP SERVICE OVERVIEW ORACLE DATABASE CLOUD BACKUP MODULE (ODCBM)

More information

Security Controls for the Autodesk 360 Managed Services

Security Controls for the Autodesk 360 Managed Services Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices

More information

Database Auditing & Security. Brian Flasck - IBM Louise Joosse - BPSolutions

Database Auditing & Security. Brian Flasck - IBM Louise Joosse - BPSolutions Database Auditing & Security Brian Flasck - IBM Louise Joosse - BPSolutions Agenda Introduction Drivers for Better DB Security InfoSphere Guardium Solution Summary Netherlands Case Study The need for additional

More information

Data Security: Strategy and Tactics for Success

Data Security: Strategy and Tactics for Success Data Security: Strategy and Tactics for Success DatabaseVisions,Inc. Fairfax, Va Oracle Gold Partner Solution Provider Oracle Security Specialized www.databasevisions.com Overview Cloud Computing presents

More information

An Oracle White Paper July 2015. Sustainable Compliance for the Payment Card Industry Data Security Standard

An Oracle White Paper July 2015. Sustainable Compliance for the Payment Card Industry Data Security Standard An Oracle White Paper July 2015 Sustainable Compliance for the Payment Card Industry Data Security Standard Introduction... 2 Oracle Products and PCI Solution Map... 3 The Challenges of PCI Data Protection...

More information

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control

More information

Database Security. Oracle Database 12c - New Features and Planning Now

Database Security. Oracle Database 12c - New Features and Planning Now Database Security Oracle Database 12c - New Features and Planning Now Michelle Malcher Oracle ACE Director Data Services Team Lead at DRW IOUG, Board of Directors Author, Oracle Database Administration

More information

Oracle vs. SQL Server. Simon Pane & Steve Recsky First4 Database Partners Inc. September 20, 2012

Oracle vs. SQL Server. Simon Pane & Steve Recsky First4 Database Partners Inc. September 20, 2012 Oracle vs. SQL Server Simon Pane & Steve Recsky First4 Database Partners Inc. September 20, 2012 Agenda Discussions on the various advantages and disadvantages of one platform vs. the other For each topic,

More information

<Insert Picture Here> Oracle Secure Backup 10.3 Secure Your Data, Protect Your Budget

<Insert Picture Here> Oracle Secure Backup 10.3 Secure Your Data, Protect Your Budget Oracle Secure Backup 10.3 Secure Your Data, Protect Your Budget Program Agenda Oracle Secure Backup Overview What s New in Oracle Secure Backup 10.3 Ease of Management Data Protection:

More information

Alliance Key Manager Solution Brief

Alliance Key Manager Solution Brief Alliance Key Manager Solution Brief KEY MANAGEMENT Enterprise Encryption Key Management On the road to protecting sensitive data assets, data encryption remains one of the most difficult goals. A major

More information

Did you know your security solution can help with PCI compliance too?

Did you know your security solution can help with PCI compliance too? Did you know your security solution can help with PCI compliance too? High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment

More information

2009 Oracle Corporation 1

2009 Oracle Corporation 1 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material,

More information

An Oracle White Paper April 2014. Oracle Audit Vault and Database Firewall

An Oracle White Paper April 2014. Oracle Audit Vault and Database Firewall An Oracle White Paper April 2014 Oracle Audit Vault and Database Firewall Introduction... 2 Oracle Audit Vault and Database Firewall Overview... 3 Auditing and Monitoring Overview... 3 Audit Vault... 4

More information

Oracle EXAM - 1Z0-528. Oracle Database 11g Security Essentials. Buy Full Product. http://www.examskey.com/1z0-528.html

Oracle EXAM - 1Z0-528. Oracle Database 11g Security Essentials. Buy Full Product. http://www.examskey.com/1z0-528.html Oracle EXAM - 1Z0-528 Oracle Database 11g Security Essentials Buy Full Product http://www.examskey.com/1z0-528.html Examskey Oracle 1Z0-528 exam demo product is here for you to test the quality of the

More information

2012 Data Breach Investigations Report

2012 Data Breach Investigations Report 2012 Data Breach Investigations Report A study conducted by the Verizon RISK Team with cooperation from the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting & Information

More information

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits A Clear View of Challenges, Solutions and Business Benefits Introduction Cloud environments are widely adopted because of the powerful, flexible infrastructure and efficient use of resources they provide

More information

ORACLE DATABASE 10G ENTERPRISE EDITION

ORACLE DATABASE 10G ENTERPRISE EDITION ORACLE DATABASE 10G ENTERPRISE EDITION OVERVIEW Oracle Database 10g Enterprise Edition is ideal for enterprises that ENTERPRISE EDITION For enterprises of any size For databases up to 8 Exabytes in size.

More information

Oracle Database Security Services

Oracle Database Security Services Oracle Database Security Services BUSINESS CHALLENGES Public announcements of major IT security breaches have become an almost daily occurrence. The causes of publicized breaches are diverse and include

More information

Why Add Data Masking to Your IBM DB2 Application Environment

Why Add Data Masking to Your IBM DB2 Application Environment Why Add Data Masking to Your IBM DB2 Application Environment dataguise inc. 2010. All rights reserved. Dataguise, Inc. 2201 Walnut Ave., #260 Fremont, CA 94538 (510) 824-1036 www.dataguise.com dataguise

More information

APPLICATION MANAGEMENT SUITE FOR SIEBEL APPLICATIONS

APPLICATION MANAGEMENT SUITE FOR SIEBEL APPLICATIONS APPLICATION MANAGEMENT SUITE FOR SIEBEL APPLICATIONS USER EXPERIENCE MANAGEMENT SERVICE LEVEL OBJECTIVE REAL USER MONITORING SYNTHETIC USER MONITORING SERVICE TEST KEY PERFORMANCE INDICATOR PERFORMANCE

More information

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such

More information