Subscribe

Share

Security

Automatic. Secure. Integrated.

How automation frees up database teams to focus on security

By Michelle Malcher

Winter 2018

With data theft being the biggest cybersecurity threat the world over, there are growing concerns about safeguarding the valuable information stored in databases. According to a recent Verizon report on data breaches, more than 1,900 such security breaches were reported in 2017 alone. The news regularly highlights new cyberattacks as they occur, and security teams are working around the clock maintaining secure configurations and managing access privileges in order to avoid becoming the next headline.

Michelle Malcher

Michelle Malcher, Oracle ACE Director and Security Architect at Extreme Scale Solutions

In the enterprise, everyone from CEOs to DBAs is asking questions about how to prevent data theft. Oracle’s new autonomous database, Oracle Database 18c, addresses these concerns by using automation, the enhanced security of Oracle Cloud, and integration with additional security applications to protect valuable company and customer data.

Here are three ways Oracle Database 18c can improve data security.

1. Automatic application of security patches. DBAs and database managers understand how much work is needed to apply security patches to databases in a very large environment. They must make significant budget requests, often on a quarterly basis, for resources to perform the work. With automated patching, large environments can be patched in a consistent and efficient way as soon as vulnerabilities are recognized and fixed. Because human intervention is not needed to apply patches, manual mistakes are limited. Automated patching also means that DBAs don’t need to grant additional privileges to others to perform the required tasks, giving fewer people access to sensitive data.

In the enterprise, everyone from CEOs to DBAs is asking questions about how to prevent data theft.”

2. The security of Oracle Cloud. The enhanced security features of Oracle Cloud are built into Oracle Database 18c. For example, data on the server and in backups is encrypted, and DBAs are not able to make changes to configurations to allow more access to the data. Using encryption and access controls reduces the risk of unauthorized database access. There is also a natural separation of duties in the cloud environment that limits what an attack can do—access to the server and the database are separate. The standardization of the cloud environment offers consistent ways to monitor and audit the environment, because every database has the same security in place and differences will stand out. Risk is reduced by utilizing data protection features in Oracle Database 18c to monitor abnormal behavior or inappropriate database access.

3. Integration with additional security features. Oracle Database 18c can utilize other security features that are available in Oracle Cloud, such as Oracle Security Monitoring and Analytics Cloud Service. Used with Oracle Database 18c, this service’s applied machine learning capabilities can quickly detect risks and possible attacks from both internal and external sources. The database can utilize the details discovered by security monitoring to adapt a security posture by implementing changes in configurations.

Instead of worrying about how to apply, test, and configure the databases for security patching, database teams are able to focus on how to thwart future cyberthreats.”

Because Oracle Database 18c is handling the resource-intensive patching with automated processes, DBAs are available to review the security intelligence and use analytics to continue to secure the databases. From a database management perspective, this service provides a very powerful tool to find vulnerabilities and allow for continuous improvements that are complementary with the automated processes.

Oracle Database 18c provides mitigation for the risks of delayed security patching and the errors that stem from manual processes. Attacks are going to come through the weakest point—such as known vulnerabilities—and shorter patching cycles reduce these opportunities. Instead of worrying about how to apply, test, and configure the databases for security patching, database teams are able to focus on how to thwart future cyberthreats.

Action Item

Oracle Autonomous Database

Photography by Paul S. Howell, iStock.com/baona