Thursday Feb 20, 2014
Sunday Feb 09, 2014
Wednesday Feb 05, 2014
Wednesday Oct 02, 2013
By Troy Kitch on Oct 02, 2013
The latest edition of Oracle Magazine, headlined with Plug into the Cloud, gives many reasons for customers to upgrade to the latest release of Oracle Database 12c .
In the article Time to Upgrade, Michelle Malcher, President of the Independent Oracle Users Group (IOUG) and Oracle ACE Director, says "Oracle Database 12c is packed with several new and enhanced security features. A great new security feature is privilege analysis, which allows DBAs to get to the bottom of what permissions are really needed and used. How much time is that going to save in audit reports and managing the security for least privilege?"
To prepare for the latest edition of Oracle Database, Malcher had
an opportunity sit down and beta test the latest features with others. During this time, we captured some of her comments,
along with other beta testers, about another new feature: data
redaction (see below video).
She goes on to say "Redaction is another security features that is easy to implement and probably will save a lot of time previously spent having to mask data in different environments or code solutions to hide private data and information. Setting up a comprehensive redaction policy for users, applications, and environments can further protect sensitive data.
Learn more about the new security features in the latest release of Oracle Database 12c.
Wednesday Sep 11, 2013
By Troy Kitch on Sep 11, 2013
Organizations worldwide are scrambling to secure sensitive information in response to regulatory pressure for protecting data privacy and integrity, as well as protect from increasingly sophisticated attacks targeting this data. Encrypting data in applications, however, requires costly and complex code changes, often with disastrous performance consequences. Fortunately these pitfalls can be avoided. Check out this video on data redaction and register to receive the latest information on this new technology in Oracle Database 12c.
Also, learn more about data redaction here.
Tuesday Aug 13, 2013
By Troy Kitch on Aug 13, 2013
New to Oracle Advanced Security, Data Redaction provides selective, on-the-fly redaction of sensitive data in SQL query results prior to application display so that unauthorized users cannot view the sensitive data. It enables consistent redaction of database columns across application modules accessing the same database information. Data Redaction minimizes changes to applications because it does not alter actual data in internal database buffers, caches, or storage, and it preserves the original data type and formatting when transformed data is returned to the application. Data Redaction has no impact on database operational activities such as backup and restore, upgrade and patch, and high availability clusters.
Unlike historical approaches that relied on application coding and new software components, Data Redaction policies are enforced directly in the database kernel. Declarative policies can apply different data transformations such as partial, random, and full redaction. Redaction can be conditional, based on different factors that are tracked by the database or passed to the database by applications such as user identifiers, application identifiers, or client IP addresses. A redaction format library provides pre-configured column templates to choose from for common types of sensitive information such as credit card numbers and national identification numbers. Once enabled, polices are enforced immediately, even for active sessions
For more information on data redaction:
- Oracle Technology Network
- Customers discuss data redaction
- Sabre talks about data redaction
- Encryption and Redaction in Oracle Database 12c whitepaper
Thursday Dec 06, 2012
By Troy Kitch on Dec 06, 2012
Columbia University, the oldest institution of higher learning in New York, protects sensitive data in Oracle's PeopleSoft Financials using Oracle Advanced Security with transparent data encryption. Hear, Nick Caragiulo, manager of database administration, discuss how Columbia helps address internal and regulatory requirements for encryption of data at rest and in motion.
Tuesday Nov 06, 2012
By Troy Kitch on Nov 06, 2012
Regulations such as the Payment Card Industry Data Security Standards (PCI DSS), U.S. state security breach notification laws, HIPAA HITECH and more, call for the use of data encryption or redaction to protect sensitive personally identifiable information (PII).
From the outset, Oracle has delivered the industry's most advanced technology to safeguard data where it lives—in the database. Oracle provides a comprehensive portfolio of security solutions to ensure data privacy, protect against insider threats, and enable regulatory compliance for both Oracle and non-Oracle Databases. Organizations worldwide rely on Oracle Database Security solutions to help address industry and government regulatory compliance.
Specifically, Oracle Advanced Security helps organizations like Educational Testing Service, TransUnion Interactive, Orbitz, and the National Marrow Donor Program comply with privacy and regulatory mandates by transparently encrypting sensitive information such as credit cards, social security numbers, and personally identifiable information (PII). By encrypting data at rest and whenever it leaves the database over the network or via backups, Oracle Advanced Security provides organizations the most cost-effective solution for comprehensive data protection.
Watch the video and learn why organizations choose Oracle Advanced Security with transparent data encryption.
Monday Oct 01, 2012
By Troy Kitch on Oct 01, 2012
12:15 - 1:15 PM
Database Security Inside-Out: Latest Innovations in Database Security (CON8686)
Moscone South - 102
3:15 - 4:15 PM
Oracle Database Security Solutions Customer Panel: Real-World Case Studies (CON8674)
Moscone South - 270
4:45 - 5:45 PM
Latest Innovations and Best Practices for Oracle Database Auditing (CON8661)
Moscone South - 303
Monday Jan 30, 2012
Tuesday Jan 10, 2012
By Troy Kitch on Jan 10, 2012
In an effort to assist organizations further prevent internal and external attacks from reaching their enterprise databases, Oracle announced a new release of Oracle® Database Firewall which introduces support for MySQL Enterprise Edition, complementing previously announced support for Oracle Database 11g and earlier releases, IBM DB2 Linux Unix Windows, Microsoft SQL Server, Sybase Adaptive Server Enterprise (ASE) and Sybase SQL Anywhere. This latest release of Oracle Database Firewall also features new reporting capabilities including new reports that help to further address regulatory compliance.
“Organizations can further enhance enterprise database security with Oracle Database Firewall,” said Vipin Samar, vice president of Database Security, Oracle. “With new MySQL support, Oracle Database Firewall extends the combination of databases that organizations can secure across their enterprise. The improved reporting capabilities automate time-consuming regulatory compliance reporting functions.”Read more
Tuesday Nov 02, 2010
By Troy Kitch on Nov 02, 2010
Friday Oct 22, 2010
By Troy Kitch on Oct 22, 2010
Tuesday Sep 21, 2010
Who are we?
Follow us on
- Part 4: Controlling Data Access and Restricting Privileged Data in Oracle Database
- February Edition of Security Inside Out Newsletter, Now Available
- Bitcoin Exchange Files Bankruptcy in Wake of Cyber Attack
- Part 3: Controlling Data Access and Restricting Privileged Data in Oracle Database
- Part 2: Controlling Data Access and Restricting Privileged Data in Oracle Database
- New Blog Focused on Oracle Advanced Security
- Controlling Data Access and Restricting Privileged Data in Oracle Database
- Webcast with ISACA - Want Better Data Security?
- Oracle Data Redaction Article in Oracle Magazine
- Recent Breaches Prove Risks to Retail Industry Higher than Ever