By roxana.bradescu on July 29, 2009 10:29 AM
Oracle Database Vault has now been certified with Oracle JD Edwards EnterpriseOne and you can download default policies to make deployment even easier. The default policies will establish the following realms:
Application Protection Realm to prevent privileged users from accessing sensitive information;
Configuration Protection Realm to protect the application meta data against unauthorized changes; and,
Command Rule to authorize the JD Edwards application connections to the Oracle Database based on IP address and client application.
Whta do these policies do? The first one limits privileged database users like DBAs from accessing the application data. They can still perform operational database functions but just can't read or update the data.
The second one protects the application itself by making sure there are no unauthorized changes to the application meta data that determines application behavior.
The third policy prevents access to the application data stored in the database from their desktop using Toad or some other ad-hoc query tool they can just download off the Internet.
Database Vault works inside the Oracle database so it's transparent to the JD Edwards applications. The default policies are just to get you started and make deployment faster. You can also add additional policies or customize the default ones. With Database Vault you can pretty much control every aspect of who, how, where, and when data is accessed so you can enforce pretty much any database security policy. For example, one customer added a policy that prevents any JD Edwards EnterpriseOne schema changes during their business hours.
You can read the full announcement here and learn more about Oracle Database Vault by downloading our free resource kit.
By roxana.bradescu on July 30, 2009 8:00 AM
It's Thursday July 30. You're in San Diego attending Burton Group's Catalyst Conference. You're enjoying the sessions, learning a lot, etc. etc. But what 's really on your mind is which vendor hospitality suite are you going to tonight ;-) So let me help you answer that so you can focus on the sessions, the don't miss hospitality suite tonight will be the Oracle CSI (Catalyst Security Interactive) Research Lab. I don't want to spoil the surprise, but hope you like jello!
See you there!!!
By roxana.bradescu on July 31, 2009 8:00 AM
With tightened budgets, how can you improve information security while complying with regulatory mandates? And save money? The answers are at NetworkWorld’s Security Inside Out Summit, exclusively hosted by Oracle in nine North America cities. When you attend, you’ll meet industry experts, and learn about:
• New approaches to identity management and database security
• Proven practices for securing applications and data
• Strategies for automating compliance auditing and reporting
• Advancements in online fraud prevention and entitlements management
• Transparent data encryption and privileged user controls you can deploy today
To register, click here. And don't wait, space is limited!
