X

Lead with the Oracle Cloud Platform. Learn the latest on our complete integrated PaaS and IaaS platform.

Oracle Autonomous Database Helps Eliminate Costly Data Breaches

Guest Author

This post was contributed by Ilona Gabinsky, Principal Product Marketing Manager.

Data breaches continue to grow every year around the world. Cyber criminals are getting smarter and better able to circumvent security measures. Even the most secure firewalls, intrusion detection, and data loss prevention solutions can’t protect against an employee accidentally downloading malware by clicking on the wrong email, a security patch in a timely manner, or a simple misconfiguration that leaves an entire database open to intrusion.

Every Year, Verizon publishes the Verizon Data Breach Investigations Report, derived from real-world data. This report accumulates information from the Verizon Risk Team, The United States Secret Service, The European Union, the Center for Internet Security, and other security teams. According to that report, in 2019 alone there were 41,686 security incidents, including 2,013 confirmed data breaches.  And when you look at the quantity of data stolen, databases are a popular target that account for a large share.

What if you could automate the fight? Get ahead of the hacker with a built-in army of “robot cyber warriors” to protect your data automatically, have all patches automatically applied, configurations self-tuned and optimized? That is why Oracle released the industry’s first Autonomous Database.

Oracle Autonomous Database

Oracle Autonomous Database is a cloud database that uses machine learning to automate database tuning, security, backups, updates, and other routine management tasks traditionally performed by DBAs. Unlike a conventional database, an autonomous database performs all these tasks and more without human intervention. It is self-driving, self-securing, and self-repairing. To help DBAs stay ahead of security threats, Oracle Autonomous Database is self-securing. It protects you from external hackers as well as malicious internal users. It encrypts all of your data, automatically—ensuring comprehensive data protection. It applies security updates, automatically—while your system is running – with no down time. And, Oracle Autonomous Database is self-repairing to automatically reduce the risk of human errors and the downtime they can generate.

Oracle Self-Securing Capabilities Under the Hood

The Oracle Autonomous Database’s self-securing capability is comprised of three main areas: automated patching and upgrades, automatic encryption by default at rest and in motion, and separation of duties and auditing.

 

Automated Patching and Upgrades and why it is important.

Patch updates are collections of security fixes for Oracle products, and are critical to keep the database up to date.  Organizations big and small need patching to avoid being attacked  by cyber criminals, yet most companies admit that they find it hard to apply patches quick enough. Annually, organizations are spending 18,000 hours at a cost of $1.1m on patching activities, according to the Ponemon Institute research, based on a survey of 3,000 security professionals across nine countries. According to Oracle, if you are a large Oracle customer with 15,000 databases you could spend on average 45,000 hours per year and $3.52M dollars just on patching. Even if you are an SMB with 20 databases you will spend approximately 60 hours per year and $240K. Now, consider how many skilled DBAs you would need?

You, as an organization could decide to be selective and not to patch that often, but what is the trade off? A study showed that the global average cost of a single data breach is nearly US$ 4 million - and getting more expensive each year.

With Autonomous Database Security patching is automated. The security patches are applied automatically without any downtime in the application which dramatically reduces the cost to you as a customer.

Oracle Autonomous Database encrypts data by default, whether at rest or in motion. Data is transferred from storage to processing nodes encrypted. It is even kept encrypted in cache, which is enabled automatically.

  • Encryption of data in motion – Each Autonomous Database service is automatically configured to use industry-standard TLS 1.2 to encrypt data in transit between the database service and clients or applications. Required client certificates and networking information are automatically packaged for the service consumer when the service is provisioned.
  • Encryption of data at rest – Data in the Autonomous Database is automatically encrypted using Oracle Transparent Data Encryption.
  • Key Management- Oracle Cloud Infrastructure offers Key Management, a managed service that enables you to encrypt your data using keys that you control

Separation of duties

Of course, you want to ensure that only the right people can access the right data at the right time. Oracle Autonomous Database leverages proven technologies like Database Vault and the Pluggable Database Lockdown profiles to isolate database administration (managed by Oracle) from data administration (managed by the Autonomous Database customer). This not only reduces the risk of administrator malfeasance, but it also eliminates the ability of the service administrators to view or modify data stored in the Autonomous Database.

Auditing

Oracle Autonomous Database leverages Oracle Unified Audit to capture security-relevant activity such as login failures, changes to users, including creation of new accounts and grants of privileges or roles, and changes to database structures, including tables, procedures, and synonyms.

Oracle Data Safe allows customers to identify sensitive data and mask it, flag risky users and system configurations, and monitor database activity to quickly discover suspicious attempts to access data, all in a single, unified database security control center.

Data Safe includes the following capabilities:

  • Security Assessment
  • User Assessment
  • Activity Auditing
  • Data Discovery
  • Data Masking

Dedicated Infrastructure

In a dedicated environment, the Oracle Autonomous Database instance is completely dedicated to the subscribing customer, and isolated from all other cloud tenants. It resides on a dedicated Exadata cloud infrastructure, with no shared processor, memory, or storage resources. Such infrastructure may be required by some data security regimes, including regulatory or internal compliance standards.

Secure By Design

Protecting the value of your data has never been more important. And it’s something even the most powerful IT security team can’t do on their own. By facing the reality of a potential data breach with the power of self-securing capabilities, you protect your data, your brand, and your reputation. Keep your data more secured and reduce the risk of costly data breaches with Oracle Autonomous Database. Download Oracle Cloud Free Tier and get access to Oracle’s self-securing Autonomous Database today.

 

Additional Resources:

New Report: "Cloud Security for Dummies"

IDC Whitepaper: Security of Autonomous Database

OCI Security Architecture Whitepaper

Follow us on:

Twitter: https://twitter.com/oracledatabase   

Facebook: https://www.facebook.com/OracleDatabase

LinkedIn: https://www.linkedin.com/groups/3616890/

Blog: https://blogs.oracle.com/database/

 

 

 

 

 

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.