Main

Database Vault Archives

July 29, 2009

Deploying Oracle Database Vault to protect JD Edwards Application Data Just Got Easier

By roxana.bradescu on July 29, 2009 10:29 AM

Oracle Database Vault has now been certified with Oracle JD Edwards EnterpriseOne and you can download default policies to make deployment even easier. The default policies will establish the following realms:

  • Application Protection Realm to prevent privileged users from accessing sensitive information;
  • Configuration Protection Realm to protect the application meta data against unauthorized changes; and,
  • Command Rule to authorize the JD Edwards application connections to the Oracle Database based on IP address and client application.

    Whta do these policies do? The first one limits privileged database users like DBAs from accessing the application data. They can still perform operational database functions but just can't read or update the data.

    The second one protects the application itself by making sure there are no unauthorized changes to the application meta data that determines application behavior.

    The third policy prevents access to the application data stored in the database from their desktop using Toad or some other ad-hoc query tool they can just download off the Internet.

    Database Vault works inside the Oracle database so it's transparent to the JD Edwards applications. The default policies are just to get you started and make deployment faster. You can also add additional policies or customize the default ones. With Database Vault you can pretty much control every aspect of who, how, where, and when data is accessed so you can enforce pretty much any database security policy. For example, one customer added a policy that prevents any JD Edwards EnterpriseOne schema changes during their business hours.

    You can read the full announcement here and learn more about Oracle Database Vault by downloading our free resource kit.

    • AddThis Social Bookmark Button

    August 13, 2009

    Learn how customers rely on Oracle to protect their business

    By roxana.bradescu on August 13, 2009 7:53 PM

    The most recent issue of Oracle Magazine features a great article on Oracle customers that rely on Oracle Database Security and Identity Management solutions to protect their business. Click here to read it now.


    AddThis Social Bookmark Button

    November 5, 2009

    Oracle Database Vault Increases Security of SAP Application Data

    By roxana.bradescu on November 5, 2009 11:39 PM

    Oracle Database Vault is now certified for use with SAP applications. With Oracle Database Vault, protective realms around SAP application database objects can be established to prevent privileged database users from accessing sensitive data and to enforce separation of duties among privileged database users.

    Oracle Database Vault provides the following default realms to protect the SAP application and data within the database:


    • Application Protection Realms for ABAP™ and the Java stacks: Protects all the sensitive SAP business data against unauthorized access from the privileged database users, and maintains the integrity of the SAP database structures;

    • Application Administration Realm for BR*Tools: Securely protects the integrity of all Oracle Database objects such as tables and indexes that are used by the BR*Tools and guards against unauthorized changes from other privileged database users;

    • Application Protection Realm for Admin Roles: protects SAP administration roles including SAPCONN, SAPDBA, SAPCRED, and SAPSYS from being granted except by the authorized administrator, and provides separation of duty; and,

    • Application Credential Protection Realm: protects the SAP application credential data from any unauthorized access or changes by privileged database user, and enhances separation of duty.

    Using the certified Oracle Database Vault command rules for SAP, organizations can also ensure that database users cannot by-pass SAP application security features and access SAP application data directly using ad-hoc database query tools. Customers can further customize these default rules and add rules to address additional security requirements. Oracle Database Vault comes with numerous pre-defined command rule factors such as time of day, day of week and system address, and organizations can build custom factors using the Oracle Database Vault API.

    SAP application data can be further protected using Oracle Advanced Security, which was previously certified for SAP. Oracle Advanced Security provides Transparent Data Encryption to prevent unauthorized access to SAP application data outside the database, and complements Oracle Database Vault protection for SAP application data within the database.

    Download a free, evaluation version of Oracle Database Vault (terms, conditions and restrictions apply) and the Oracle Database Vault for SAP Resource Kit which includes demos, step-by-step tutorials, and more info to get you started.

    AddThis Social Bookmark Button

    Search All Blogs

    Google Search


    Only search this blog

    About Database Vault

    This page contains an archive of all entries posted to Security Inside Out in the Database Vault category. They are listed from oldest to newest.

    Database Security is the previous category.

    FREE Database Security Events is the next category.

    Many more can be found on the main index page or by looking through the archives.

    Top Tags

    RSS

    Subscribe to this blog's feed
    Powered by
    Movable Type and Oracle