1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information

Protecting Data Directly in the Database: A Technology Proposal
Angelo Maria Bosis, Sales Consulting Senior Manager

What is an Advanced Persistent Threat?
Cybercrime directed at political, infrastructure, and business targets

What are APTs Ultimately After?
Two Thirds of Sensitive and Regulated Information now Resides in Databases and Doubling Every Two Years
- Classified Govt. Info.
- Trade Secrets
- HR Data
- Citizen Data
- Credit Cards
- Customer Data
- Financial Data
- Competitive Bids
- Corporate Plans
- Source Code
- Bug Database
Source: IDC, "Effective Data Leak Prevention Programs: Start by Protecting Data at the Source Your Databases", August 2011

Database Sprawl Makes Attacking Easier!

Are Databases Adequately Protected?
Forrester estimates that although 70% of enterprises have an information security plan, only 20% of enterprises have a database security plan.
Network Security; Authentication Security; Email Security; Database Security; Endpoint Security; Vulnerability Management
Source: Forrester Research Inc., Creating An Enterprise Database Security Plan, July 2010

Limited Database Controls
- 70%: System users can read/tamper data stored in database files or storage
- 76%: Cannot prevent DBAs from reading/modifying data
- 68%: Cannot detect if database users are abusing privileges
- 63%: Vulnerable to SQL injection attacks or not sure
- 48%: Copy sensitive production data to non-production environments
- 31%: Likely to get breached over the coming year
Source: 2010 Independent Oracle User Group Data Security Report

Most Records Lost from Database Servers

Type              Category                 % Breaches   % Records
Database Server   Servers & Applications   25%          92%
Desktop Computer  End-User Devices         21%          1%

How were these records breached?
- 89% using SQL injection
- 86% using stolen credentials
By exploiting legitimate access to databases!
Source: 2010 Verizon Data Breach Investigations Report

Sources of Vulnerability
Categories: Test & Dev; Partners; Applications; Configuration; Administrative Accounts; Operations
- Access to production data in non-secure environment
- Access to production systems for troubleshooting
- SQL injection attack from outside
- Application bypass
- Security configuration parameters
- Security patches
- System administrators, DBAs, Application Administrators
- Stolen credentials, inadequate training, malicious insiders
- Direct OS access
- Lost / stolen backups

Oracle Database Security Platform

Maximum Security for Oracle Databases: Oracle Advanced Security, Oracle Database Vault, Oracle Label Security, Oracle Total Recall
Transparent Data Encryption, Privileged User Controls, Multi-Factor Authorization, Data Classification, and Change Tracking

Security for Oracle and non-Oracle Databases Outside the Database: Oracle Audit Vault, Oracle Database Firewall
Database Activity Auditing and Reporting, SQL Traffic Monitoring and Blocking, Real-Time Alerting, Workflow Automation

Security for Production and non-Production Database Environments: Oracle Database Lifecycle, Oracle Enterprise Manager, Oracle Data Masking
Secure Configuration Scanning, Automated Patching, Configuration Change Control, Sensitive Data Discovery, Data Masking

Oracle Advanced Security: Transparent Data Encryption
Figure labels: Disk Backups Application Exports Off-Site Facilities
- Protects from unauthorized OS level or network access
- Efficient encryption of all application data
- Built-in key lifecycle management
- No application changes required

Oracle Database Vault: Privileged User and Operational Controls
Figure labels: Procurement, Application, HR, Finance, DBA; query shown: select * from finance.customers
- Limit default powers of privileged users
- Enforce policy rules inside the database
- Violations audited, secured and sent to Oracle Audit Vault
- No application changes required

Oracle Database Firewall: First Line Of Defense
- Monitors database activity, and prevents attacks and SQL injections
- White-list, black-list, and exception-list based security policies based upon highly accurate SQL grammar based analysis
- In-line blocking and monitoring, or out-of-band monitoring modes

Oracle Audit Vault: Trust But Verify
- Consolidate database audit trail into secure centralized repository
- Detect and alert on suspicious activities, including privileged users
- Out-of-the-box compliance reports for SOX, PCI, and other regulations, e.g., privileged user audit, entitlements, failed logins, regulated data changes
- Streamline audits: report generation, notification, attestation, archiving, etc.

Oracle Data Masking: Irreversibly De-Identify Data for Non-Production Use

Sample rows shown for the Production and Test tables (columns LAST_NAME, SSN, SALARY):

LAST_NAME  SSN          SALARY
AGUILAR    203-33-3234  60,000
BENSON     323-22-2943  40,000
SMITH      111-23-1111  60,000
MILLER     222-34-1345  40,000

- Make application data securely available in non-production environments
- Prevent application developers and testers from seeing production data
- Extensible template library and policies for data masking automation; new format preserving masking
- Referential integrity automatically preserved so applications continue to work
- Integration with Real Application Testing and Test Data Management

Database Security Big Picture

Oracle Database Security Key Differentiators
- High Performance, Accurate
- Defense-in-Depth Security Platform
- Securing through the Life Cycle
- Transparently Support Existing Applications
- Heterogeneous Support

What's Your Next Move?
1. Know where the sensitive data is
2. Scan, assess, patch, audit your databases
3. Database Firewall as first line of defense
4. Control the privileged users
5. Encrypt and mask sensitive data
