Wednesday Mar 27, 2013
Thursday Mar 21, 2013
By Troy Kitch-Oracle on Mar 21, 2013
Q&A: Ontario Commissioner and Leading Privacy Expert Dr. Ann Cavoukian
Dr. Ann Cavoukian is both Ontario's information and privacy commissioner and one of the leading privacy experts in the world. In January, Dr. Cavoukian and Oracle released a new white paper covering the convergence of privacy and security.
Oracle Named a Leader in Gartner Magic Quadrant for Data Masking Technology
Gartner, Inc. has named Oracle as a leader in its “Magic Quadrant for Data Masking Technology,” published in December 2012.
Virgin Media Relies on Oracle Identity Management to Secure Wi-Fi Service in the London Underground
Leading up to the 2012 Olympics, Virgin Media was entrusted with a massive undertaking—to quickly and securely provide London's Underground stations with Wi-Fi service. The company turned to two Oracle Identity Management solutions—Oracle Virtual Directory and Oracle Entitlements Server—to successfully deliver.
Friday Mar 15, 2013
By Troy Kitch-Oracle on Mar 15, 2013
One of the many issues security professionals face is tracking down information for their particular security challenges. Oracle has a multitude of resources across our comprehensive database security defense-in-depth solutions. Quite frankly, it can be difficult to find the particular information you're looking for. So, here's an attempt to consolidate some of those key resources:
- Oracle Database Security Solutions
- Oracle Audit Vault and Database Firewall (database activity monitoring and firewall)
- Oracle Advanced Security (transparent data encryption)
- Oracle Database Vault (privileged user access controls)
- Oracle Label Security (label based access controls)
- Oracle Data Masking (masking data in non-production database environments)
- Oracle Technology Network
Customer Case Studies
Events and Training
Analyst, News, and Social
- Security Analyst Reports
- Oracle Database on Twitter @OracleDatabase
- Oracle Database on Facebook
- Oracle Database on LinkedIn
- Oracle Database on Google+
- Security Inside Out blog (hint: you're here!)
- Security Inside Out newsletter
- Data Sheets
- White Papers
- Documentation: Oracle Database 11g Security
- Documentation: Oracle Audit Vault and Database Firewall
Wednesday Nov 21, 2012
By Troy Kitch-Oracle on Nov 21, 2012
The new survey from the Independent Oracle Users Group (IOUG) titled "Closing the Security Gap: 2012 IOUG Enterprise Data Security Survey," uncovers some interesting trends in IT security among IOUG members and offers recommendations for securing data stored in enterprise databases.
"Despite growing threats and enterprise data security risks, organizations that implement appropriate detective, preventive, and administrative safeguards are seeing significant results," finds the report's author, Joseph McKendrick, analyst, Unisphere Research.
Produced by Unisphere Research and underwritten by Oracle, the report is based on responses from 350 IOUG members representing a variety of job roles, organization sizes, and industry verticals.
Key findings include
- Corporate budgets increase, but trailing. Though corporate data security budgets are increasing this year, they still have room to grow to reach the previous year’s spending. Additionally, more than half of respondents say their organizations still do not have, or are unaware of, data security plans to help address contingencies as they arise.
- Danger of unauthorized access. Less than a third of respondents encrypt data that is either stored or in motion, and at the same time, more than three-fifths say they send actual copies of enterprise production data to other sites inside and outside the enterprise.
- Privileged user misuse. Only about a third of respondents say they are able to prevent privileged users from abusing data, and most do not have, or are not aware of, ways to prevent access to sensitive data using spreadsheets or other ad hoc tools.
- Lack of consistent auditing. A majority of respondents actively collect native database audits, but there has not been an appreciable increase in the implementation of automated tools for comprehensive auditing and reporting across databases in the enterprise.
The report's author finds that securing data requires not just the ability to monitor and detect suspicious activity, but also to prevent the activity in the first place. To achieve this comprehensive approach, the report recommends the following.
- Apply an enterprise-wide security strategy. Database security requires multiple layers of defense that include a combination of preventive, detective, and administrative data security controls.
- Get business buy-in and support. Data security only works if it is backed through executive support. The business needs to help determine what protection levels should be attached to data stored in enterprise databases.
- Provide training and education. Often, business users are not familiar with the risks associated with data security. Beyond IT solutions, what is needed is a well-engaged and knowledgeable organization to help make security a reality.
Wednesday Apr 06, 2011
Tuesday Mar 29, 2011
By Troy Kitch-Oracle on Mar 29, 2011
Thursday Mar 17, 2011
By Troy Kitch-Oracle on Mar 17, 2011
Friday Feb 25, 2011
Monday Feb 14, 2011
By Roxana Bradescu on Feb 14, 2011
Friday Jan 28, 2011
By Troy Kitch-Oracle on Jan 28, 2011
Friday Jan 07, 2011
By Roxana Bradescu on Jan 07, 2011
Wednesday Jan 05, 2011
Thursday Dec 30, 2010
Friday Dec 17, 2010
By Troy Kitch-Oracle on Dec 17, 2010
Friday Dec 10, 2010
By Troy Kitch-Oracle on Dec 10, 2010
Who are we?
Follow us on
- How Spain Protects 400 Million Citizen Records
- Wanted: Outstanding Oracle Security Experts to Speak @OpenWorld 2016
- New Paper Explains Oracle Public Cloud Security
- Oracle Magazine Highlights "Security at Every Level"
- Securing Oracle Public Clouds
- Larry Ellison, New Rules of Thumb for Next-Generation Data Security
- ISACA Webcast on Cloud Security Prediction, Feb 11, 2016
- Oracle at RSA Conference 2016
- Cloud Prediction #2: Security as an Enabler
- Encryption is the Easy Part; Managing those Keys is Difficult