Tuesday Aug 27, 2013

Focus On Database Security at Oracle OpenWorld, 2013

Plan for Oracle OpenWorld with the most recent Focus On Database Security content!

Oracle OpenWorld is Sept 22-26, 2013 in San Francisco, and this Focus On Database Security organizes all database security content, including sessions, hands-on labs, and demos. This document is subject to change, so check back as we get closer to OpenWorld.

Here's a brief summary:

General Sessions

  • Oracle Database 12c—Engineered for Clouds and Big Data
  • Security Inside-Out with Oracle Database 12c

Conference Sessions

  • Oracle Database 12c Real Application Security for Oracle Application Express
  • Oracle Audit Vault and Database Firewall: First Line of Defense in Data Security
  • Introducing Oracle Key Vault: Enterprise Database Encryption Key Management
  • New Security Capabilities in Oracle Database 12c
  • Oracle Audit Vault and Database Firewall: Deployment Best Practices
  • Oracle Exadata Database Machine Security Best Practices
  • Oracle Database Security Solutions Customer Panel: Real-World Case Studies
  • DBA Best Practices for Protecting Data Privacy with Oracle’s Data Masking
  • Sensitive Data Redaction with Oracle Database 12c
  • Oracle Database Transparent Data Encryption Best Practices
  • Privileged Database User Security Best Practices

HOL (Hands-on Lab) Sessions

  • Database Activity Monitoring, Firewall, and Auditing
  • Hands-on Lab: New Security Capabilities in Oracle Database 12c
  • Database Activity Monitoring, Firewall, and Auditing

Demos

  • Oracle Advanced Security Encryption   
  • Oracle Advanced Security Redaction   
  • Oracle Audit Vault and Database Firewall
  • Oracle Database Vault and Oracle Label Security

See the complete Focus On Database Security here.

Tuesday Aug 13, 2013

Data Redaction: New for Oracle Database 12c

New to Oracle Advanced Security, Data Redaction provides selective, on-the-fly redaction of sensitive data in SQL query results prior to application display so that unauthorized users cannot view the sensitive data. It enables consistent redaction of database columns across application modules accessing the same database information. Data Redaction minimizes changes to applications because it does not alter actual data in internal database buffers, caches, or storage, and it preserves the original data type and formatting when transformed data is returned to the application. Data Redaction has no impact on database operational activities such as backup and restore, upgrade and patch, and high availability clusters.

Unlike historical approaches that relied on application coding and new software components, Data Redaction policies are enforced directly in the database kernel. Declarative policies can apply different data transformations such as partial, random, and full redaction. Redaction can be conditional, based on different factors that are tracked by the database or passed to the database by applications such as user identifiers, application identifiers, or client IP addresses. A redaction format library provides pre-configured column templates to choose from for common types of sensitive information such as credit card numbers and national identification numbers. Once enabled, policies are enforced immediately, even for active sessions.
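A declarative policy of the kind described above, as an added example that is not part of the original post or Oracle's own sample code. It uses the `DBMS_REDACT` package; the schema `APP`, table `CUSTOMERS`, columns `CARD_NO` and `SSN`, policy name and the account `BILLING_APP` are hypothetical, and card numbers are assumed to be stored as `NNNN-NNNN-NNNN-NNNN`.

```sql
-- Added example. All object and account names below are hypothetical.
-- Partial redaction: mask the first 12 digits of a 16-digit card number
-- for every session except the trusted application account.
BEGIN
  DBMS_REDACT.ADD_POLICY(
    object_schema       => 'APP',
    object_name         => 'CUSTOMERS',
    policy_name         => 'CUSTOMERS_PII_REDACT',
    column_name         => 'CARD_NO',
    function_type       => DBMS_REDACT.PARTIAL,
    -- input format, output format, mask character, first and last digit to mask
    function_parameters => 'VVVVFVVVVFVVVVFVVVV,VVVV-VVVV-VVVV-VVVV,*,1,12',
    -- The policy applies when this expression is TRUE, so it is written as
    -- "redact unless the session is the billing application".
    expression          => 'SYS_CONTEXT(''USERENV'',''SESSION_USER'') != ''BILLING_APP''',
    enable              => TRUE);

  -- Add a second column to the same policy, using random redaction.
  DBMS_REDACT.ALTER_POLICY(
    object_schema => 'APP',
    object_name   => 'CUSTOMERS',
    policy_name   => 'CUSTOMERS_PII_REDACT',
    action        => DBMS_REDACT.ADD_COLUMN,
    column_name   => 'SSN',
    function_type => DBMS_REDACT.RANDOM);
END;
/

-- Review what is in force: one row per policy, one row per redacted column.
SELECT object_owner, object_name, policy_name, expression, enable
  FROM redaction_policies
 WHERE object_owner = 'APP';

SELECT object_name, column_name, function_type, function_parameters
  FROM redaction_columns
 WHERE object_owner = 'APP';

-- Review who bypasses every redaction policy. Holders of this system
-- privilege always see the stored values, so the list should be short.
SELECT grantee
  FROM dba_sys_privs
 WHERE privilege = 'EXEMPT REDACTION POLICY';
```

Redaction changes only the displayed result set. A user who can run ad hoc SQL can still filter on the real column values in a `WHERE` clause, so the policy belongs alongside access controls and auditing rather than in place of them.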

For more information on data redaction:

Tuesday Aug 06, 2013

Learn About The Latest Security Innovations in Oracle Database 12c

More Security Capabilities Than Ever Before 

Join us Thursday, August 15, 2013 at 10:00 a.m. PT / 1:00 p.m. ET for Security Inside Out: Latest Innovations in Oracle Database 12c Webcast (Webcast will be recorded, so you can still use this link)

Did you know that Oracle Database 12c includes more new security capabilities than any other prior release? In this webcast you will learn about these capabilities, as well as innovative new solutions to protect Oracle Database instances and non-Oracle databases.

Join us to hear how Oracle is responding to customer requirements. Discover how Oracle Database 12c helps businesses stay ahead of the evolving security threat and regulatory landscape with preventive and detective security controls that include:

  • Sensitive data discovery
  • Real-time data redaction
  • Privilege analysis

Plug into Defense-in-Depth with Oracle Database 12c

Designed for the Cloud, the new multitenant architecture of Oracle Database 12c now enables customers to greatly simplify and accelerate database consolidation by enabling the management of hundreds of databases as one. To protect the unprecedented amounts of data customers will store within their databases, Oracle Database 12c also introduces more security capabilities than any previous Oracle Database release.

“Oracle Database 12c represents a complete shift in database technology. With the growing amount of stored data, these new multitenant databases will be targeted by both hackers and insiders, and scrutinized by auditors more than ever,” says Vipin Samar, vice president, database security product development, Oracle. “It’s imperative that customers take advantage of the new security capabilities in Oracle Database 12c to protect their data and database infrastructure.”

Key new capabilities to help customers mitigate risks and address compliance requirements include:

Data Redaction. Part of Oracle Advanced Security, Data Redaction complements transparent data encryption (TDE) by ensuring sensitive data is not exposed to users of current applications. While TDE protects information from database bypass attacks at the operating system level, Data Redaction conditionally redacts sensitive data in the outgoing result set by replacing original data with **** or any other fixed or random string of choice based upon the customer requirements. Data is redacted based on simple declarative policies that take into account rich database session context such as IP address, program name, and application user. The original data remains unaltered along with existing operational procedures.

Privilege Analysis. Part of Oracle Database Vault, Privilege Analysis can harden database access by identifying users’ or applications’ unused privileges and roles based upon the actual roles and privileges used at runtime on production servers. Typically over time, applications and users amass powerful privileges and roles that may no longer be necessary. Finding the set of used roles and privileges is important because it helps identify the minimal set required and allows unused privileges to be revoked, reducing the attack surface.
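The capture-then-revoke workflow described above, as an added example that is not part of the original post. It uses the `DBMS_PRIVILEGE_CAPTURE` package; the capture name and the account `BILLING_APP` are hypothetical.

```sql
-- Added example. Capture name and account name are hypothetical.
-- 1. Define a capture scoped to one application account and start it.
BEGIN
  DBMS_PRIVILEGE_CAPTURE.CREATE_CAPTURE(
    name        => 'BILLING_APP_BASELINE',
    description => 'Privileges exercised by BILLING_APP in production',
    type        => DBMS_PRIVILEGE_CAPTURE.G_CONTEXT,
    condition   => 'SYS_CONTEXT(''USERENV'',''SESSION_USER'') = ''BILLING_APP''');
  DBMS_PRIVILEGE_CAPTURE.ENABLE_CAPTURE('BILLING_APP_BASELINE');
END;
/

-- 2. Leave the capture running across a full business cycle. Privileges
--    needed only by month-end or quarterly jobs look unused if the window
--    is too short, and revoking them would break those jobs.

-- 3. Stop the capture and populate the result views.
BEGIN
  DBMS_PRIVILEGE_CAPTURE.DISABLE_CAPTURE('BILLING_APP_BASELINE');
  DBMS_PRIVILEGE_CAPTURE.GENERATE_RESULT('BILLING_APP_BASELINE');
END;
/

-- 4. Candidates for revocation: granted but never exercised.
SELECT username, sys_priv
  FROM dba_unused_sysprivs
 WHERE capture = 'BILLING_APP_BASELINE'
 ORDER BY username, sys_priv;

SELECT username, obj_priv, object_owner, object_name
  FROM dba_unused_objprivs
 WHERE capture = 'BILLING_APP_BASELINE'
 ORDER BY object_owner, object_name;

-- 5. The used set is the evidence for the minimal role you keep.
SELECT username, sys_priv
  FROM dba_used_sysprivs
 WHERE capture = 'BILLING_APP_BASELINE'
 ORDER BY username, sys_priv;
```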

Database Vault also enables customers to realize the full potential of Oracle Database 12c multitenant-based consolidation by preventing common database administrators from accessing application data stored in a pluggable database. With three distinct separation-of-duty controls, Database Vault is critical to regulatory compliance in multitenant environments.

Conditional Auditing. Oracle Database 12c introduces a new auditing framework that creates audit records based on the context of the database session. For example, an audit policy can be defined to audit all SQL statements unless they are coming from the application server’s IP address and with the given program name. Out-of-policy connections can be fully audited while no audit data will be generated for others, enabling highly selective and effective auditing.
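The "audit everything unless it comes from the application server" policy described above, as an added example that is not part of the original post. The policy name, the address `192.0.2.10` (a documentation-range IP) and the program name `JDBC Thin Client` are assumptions standing in for your application server's values.

```sql
-- Added example. Policy name, IP address and program name are assumed values.
-- The exemption is "IP matches AND program name matches", so the audit
-- condition is its negation: "IP differs OR program name differs".
-- Writing it with AND would exempt any session that matches only one of them.
CREATE AUDIT POLICY out_of_path_sql
  ACTIONS ALL
  WHEN 'SYS_CONTEXT(''USERENV'',''IP_ADDRESS'') <> ''192.0.2.10'' OR SYS_CONTEXT(''USERENV'',''CLIENT_PROGRAM_NAME'') <> ''JDBC Thin Client'''
  EVALUATE PER SESSION;

-- A policy generates no records until it is enabled.
AUDIT POLICY out_of_path_sql;

-- Confirm the condition that was stored with the policy.
SELECT DISTINCT policy_name, audit_condition, condition_eval_opt
  FROM audit_unified_policies
 WHERE policy_name = 'OUT_OF_PATH_SQL';

-- Review what the policy caught: sessions that did not arrive through
-- the expected application path.
SELECT event_timestamp, dbusername, userhost, client_program_name,
       action_name, sql_text
  FROM unified_audit_trail
 WHERE unified_audit_policies LIKE '%OUT_OF_PATH_SQL%'
 ORDER BY event_timestamp;

-- Caveat: CLIENT_PROGRAM_NAME is reported by the client, so it reduces
-- audit noise but does not authenticate the caller. The IP address
-- comparison carries the weight of the exemption, and connections that
-- originate on the application server itself are not audited by this policy.
```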

New roles have been introduced for managing audit data and audit policies inside the database. Audit data integrity is further protected by restricting management to the built-in audit data management package, preventing audit trail tampering using ad hoc SQL commands. Multiple audit statements can be grouped together for easier management. Three default audit policies are configured and shipped out of the box.

Additionally, Oracle Audit Vault and Database Firewall now supports Oracle Database 12c, and can be used to collect, consolidate, alert and report on audit data from Oracle and non-Oracle databases and operating systems. Oracle Audit Vault and Database Firewall can also monitor Oracle Database 12c SQL activity over the network, blocking any unauthorized activity such as SQL injection attacks, or insider abuse.

Sensitive Data Discovery and Management. Locating and cataloging sensitive data is more critical than ever. Oracle Enterprise Manager Data Discovery and Modeling (DDM) and Sensitive Data Discovery (SDD) facilitate the process of locating sensitive data within an application and applying security controls on that data. In addition, the new Oracle Database 12c Transparent Sensitive Data Protection (TSDP) can load sensitive information from Oracle Enterprise Manager Data Discovery and Modeling into the Oracle database and apply security controls such as Data Redaction. This greatly reduces the operational burden of managing sensitive data consistently in Oracle Database 12c environments.

Real Application Security. Oracle Database 12c introduces the next generation authorization framework to support the increased application security requirements in multitenant environments. Unlike the traditional Oracle VPD, Oracle Database 12c Real Application Security (RAS) provides a declarative model that allows developers to define the data security policy based on application users, roles and privileges within the Oracle Database. This new RAS-based paradigm is more secure, scalable, and cost effective.

In addition to these critical new capabilities, Oracle Database 12c greatly strengthens the overall database security posture with new Oracle Database Vault realm controls, Oracle Advanced Security TDE key management, Oracle Enterprise Manager Security Console, and more.

All the security capabilities available in Oracle Database 12c are compatible with the new multitenant architecture in Oracle Database 12c. As a result, customers can quickly and efficiently address the unique security requirements of each pluggable database. The security policies move with the pluggable database when it is unplugged from one and plugged into a new Oracle Database 12c multitenant server.

Learn more about Oracle Database Security

Monday Jul 08, 2013

Oracle Database 12c Launch Webcast Featuring Security

 

Security A Key Part of Introducing Oracle Database 12c Webcast

More information is coming out as we introduce the next edition of Oracle Database 12c, including more new security capabilities than any other release in Oracle history! During the webcast featuring Mark Hurd, Andy Mendelsohn, and Tom Kyte, you'll also hear from Vipin Samar, Vice President of Oracle Database Security as he highlights some of these new features including sensitive data redaction and privilege analysis.

This is a must-see event, so register now for the July 10th webcast: Introducing Oracle Database 12c.

Plus, we'll have some security experts on hand to answer your questions via the chat console.

Tuesday Jun 25, 2013

Latest Edition of Security Inside Out Newsletter Now Available

The latest edition of Security Inside Out newsletter is now available. If you don't get this bi-monthly security newsletter in your inbox, then subscribe to get the latest database security news. This bi-monthly edition includes:

Q&A: Oracle CSO Mary Ann Davidson on Meeting Tomorrow's Security Threats

Oracle Chief Security Officer Mary Ann Davidson shares her thoughts on next-generation security threats.  Read More

New Study: Increased Security Spending Still Not Protecting Right Assets

Despite widespread belief that database breaches represent the greatest security risk to their business, organizations continue to devote a far greater share of their security resources to network assets rather than database assets, according to a new report issued by CSO and sponsored by Oracle. Read More


Thursday Jun 13, 2013

Why Rabobank Chose Oracle Database Vault

Rabobank was faced with two major challenges: addressing international compliance requirements and protecting sensitive data from privileged database users. In this podcast, Niels Zegveld, manager of database administration, tackled these challenges using Oracle Database Vault, without impacting system performance or applications.

Niels manages the database team that supports the investment banking business. The team runs Oracle Database 11g and Oracle Enterprise Manager to manage the maintenance of their databases. They have a mix of applications including Oracle FLEXCUBE and custom-built solutions.

Addressing Regulatory Requirements and Demonstrating Separation of Duties

Being an international bank, Rabobank must comply with multiple regulations and regulatory bodies, including the Dutch National Bank and the FSA. As part of these regulations, Rabobank had to demonstrate that employees, or applications, that have access to sensitive data are the only ones that are authorized to have access.

The requirements of separation of duties and securing sensitive financial data were originally handed over to the security department. Their first instinct was to look at solutions that were outside of the database; however, none of the solutions were able to cover the requirements. This led the security team to begin discussions with the database team to find out what suggestions they could offer. Niels' team was able to come up with a solution that would support all requirements and be easy to manage.

Oracle Database Vault

Working with Oracle security experts and Oracle Database Vault, Rabobank is addressing best practices of separation of duties and least privilege while protecting sensitive data from privileged users. Niels is happy to say they have passed their audits and found that performance tests show negligible impact to their systems and users.

Listen to the entire podcast to learn more.  

About Rabobank

According to Hoovers, Rabobank Group was founded as a cooperative of Dutch agricultural banks in 1898. The company has some 140 member banks that have about 875 branches in the Netherlands and dozens of subsidiaries around the world that focus on the food, agribusiness, and financial industries. The cooperative's wholesale and international retail banking arm, Rabobank International, has offices in some 30 countries.

Wednesday Jun 05, 2013

Comprehensive Database Security Defense-in-Depth

Recent successful cyber attacks against some of the most security-savvy organizations have put into question IT Security strategies across all industries. The reliance on network security and user credentials has left many institutions vulnerable to attacks by insiders, outsiders exploiting stolen credentials, and SQL injection attacks. Additionally, the pervasive use of production data in non-production environments means that attackers can focus their efforts on a development or test server. Analysts estimate that less than 20% of IT Security plans address database security.

Oracle Database Security

When Oracle talks about having a comprehensive database strategy, it includes defense-in-depth security controls that protect multiple layers in and around the database environment.

  • Preventive controls are those that are intended to prevent an incident from occurring
  • Detective controls help identify an incident's activities and potentially an intruder
  • Administrative controls are the tools that help with the process and procedures associated with database security

To learn more about each of the Oracle Database Security controls, please visit oracle.com/database/security

Tuesday May 28, 2013

KuppingerCole Review: Oracle Audit Vault and Database Firewall

Learn what one of Europe’s leading analysts has to say

KuppingerCole’s review of Oracle Audit Vault and Database Firewall discusses how this new product monitors Oracle and non-Oracle database traffic to detect and block threats, as well as improves compliance reporting by consolidating audit data from databases, operating systems, directories, and other sources. Learn about:
  • Key product features
  • Product strengths
  • Implementation considerations

Register to receive the review.

Learn more about Oracle Audit Vault and Database Firewall.

Wednesday May 22, 2013

Join Us at the Gartner Security and Risk Management Summit, June 10

Oracle will be a Silver sponsor at this year's Gartner Security & Risk Management Summit in Maryland, and will showcase Oracle Database Security solutions. Stop by to meet and interact with Oracle Security experts throughout the event.

Strategic Roadmaps to Secure the Enterprise and Reduce Risk

As the premier gathering of enterprise IT security and risk management executives, the summit takes a comprehensive look at the entire spectrum of IT security, business continuity management and risk, including: network and infrastructure security, identity and access management, compliance, privacy, fraud, business continuity management, and resilience. This year’s summit offers five in-depth, role-based programs:

  • CISO Program
  • IT Security
  • Risk Management and Compliance
  • Business Continuity Management (BCM)
  • The Business of IT Security

Wednesday May 15, 2013

Oracle Database Security at Microsoft TechEd 2013

Join Oracle at Microsoft TechEd North America 2013 in New Orleans, June 3-6. Oracle will demonstrate its latest database software for Windows, including Oracle Database, MySQL, database activity monitoring and auditing, and more.

Monitor Database Activity, Block Threats, and Efficiently Audit

Hear from Oracle Security experts and discover how Oracle Audit Vault and Database Firewall monitors Oracle and Microsoft database traffic to detect and block threats, as well as improve compliance reporting by consolidating audit data from Oracle and SQL Server databases, Windows operating systems, Microsoft directories, and more.

Stop by Booth # 1917 and see the latest Oracle Innovations!

Thursday May 09, 2013

New Study Reveals Security Spending Not Protecting the Right Assets

Despite widespread belief that database breaches represent the greatest security risk to their business, organizations continue to devote a far greater share of their security resources to network assets rather than database assets, according to a new report, An Inside Out Approach to Enterprise Security, issued by CSO and sponsored by Oracle.

Read more here in the latest Database Insider newsletter.

Wednesday May 08, 2013

Oracle OpenWorld Early-Bird Pricing in Effect Through July 19!

Come join us at Oracle OpenWorld in San Francisco and save $500 off the on-site price by registering by July 19. Early-Bird registrants have the best selection of rooms at Oracle official conference hotels, earliest access to the schedule tool to secure a place in the sessions that matter most to them, and the opportunity to plan ahead to take a few days off before or after the conference to enjoy seeing Oracle Team USA at the America's Cup Races, wine country, and the spectacular fall weather in San Francisco.

Of course you'll also get an opportunity to meet with Oracle Database Security experts and learn about all of the latest innovations.

Thursday May 02, 2013

Demo of Oracle Data Masking Using Enterprise Manager 12c

Data masking, also known as data scrambling or data anonymization, is the process of obscuring sensitive information copied from a production database to a test or non-production database. Data masking is ideal for confidential or regulated data that needs to be shared with non-production users who require access to the original data, but not true data.

Watch this demo to see how the Oracle E-Business Suite Template for the Data Masking Pack, when applied with the Oracle Enterprise Manager 12c Cloud Control Data Masking tool, scrambles sensitive data in a copy of the production system.

Tuesday Apr 02, 2013

Oracle Database Security Solutions Help Secure Ellucian Banner Data

Oracle customers Cornell University, Philadelphia College of Osteopathic Medicine, and Columbia University are just some of the higher education institutions using Oracle Database Security solutions to protect their sensitive financial, faculty, and student data. To further help these types of organizations, Ellucian recently announced Ellucian’s Banner Data Defense, which combines Oracle Advanced Security, with transparent data encryption software, and the recently announced Oracle Audit Vault and Database Firewall product, to help ensure data privacy, protect against threats, and maintain regulatory compliance. The package is enhanced by Banner-specific database scripts, documentation and reports, installation and configuration scripts, and best-practice implementation advice from Ellucian’s services team.

Learn more.
