Wednesday Mar 04, 2015

Securing Information in the New Digital Economy

We are in the midst of a data breach epidemic, fueled by a lucrative information black market. The perimeter security most IT organizations rely on has become largely ineffective. Nearly 70% of security resources are focused on perimeter controls, but most exploited vulnerabilities are internal. 

Effective modern security requires an inside-out approach with a focus on data and internal controls.

A New Hacker Economy

Today, a layered economy of specialized, organized hackers has created a black market estimated to be more lucrative than the illegal drug trade. (Lillian Ablon 2014) Hacking-for-hire has made the black market accessible to non-experts, expanding its reach exponentially.  As businesses grow their online footprints, criminals find new ways of attacking their vulnerabilities.

Thinking Inside-Out

Internal systems are the new perimeter – the new front line in the battle for data security. Security should be built into the customer and employee experiences.

  • Manage privileged user access and think beyond the password: another layer of authentication can vastly increase security.
  • Make it more costly and difficult for attackers by protecting the most valuable information first. 

Rebalancing Information Security

Diminish the information supply chain and cut off the cash flow to the black market. Taking a security inside-out approach could bring an end to the arms race, giving economic recovery a chance.

To learn more about Securing Information in the New Digital Economy, read the joint Oracle and Verizon Report.

Wednesday Sep 10, 2014

SANS Webcast: Simplifying Data Encryption and Redaction Without Touching the Code

SANS Analyst and Instructor and well known security expert, Dave Shackleford, will be doing a review of Oracle Advanced Security on September 16, 12:00 p.m. ET/ 3:00 p.m. ET

Register now for the webcast "Simplifying Data Encryption and Redaction Without Touching the Code" 

The need for organizations to protect sensitive information has never been more paramount. The risks of data breaches and sensitive data exposures are driving organizations to look for solutions, as an increasing amount of data is being stored and processed outside the perimeter, in cloud applications and service environments. Organizations must protect this sensitive data at its heart, in the databases. In this webcast, we discuss a recent review by SANS Analyst and Instructor Dave Shackleford of Oracle Advanced Security for Oracle Database 12c and its encryption and redaction capabilities.

Register for the webcast and be among the first to receive an advance copy of a SANS whitepaper discussing the Analyst Program's review of Oracle Advanced Security.

Thursday Aug 07, 2014

Introducing Oracle Key Vault for Centralized Key Management

[ENTER PAGE TITLE]
Banner
Oracle Customers Secure Critical Encryption Keys with Oracle Key Vault

Centrally Manage Oracle Database Encryption Master Keys, Oracle Wallets, Java KeyStores and Other Credential Files

Encryption is widely recognized as the gold standard for protecting data privacy, but encryption is only as strong as its key management. Critical credential files such as Oracle Wallets, Java KeyStores, SSH key files and SSL certificate files are often widely distributed across servers and server clusters with error-prone synchronization and backup mechanisms.

To address the need for robust key management, Oracle today introduced Oracle Key Vault, a software appliance designed to securely manage encryption keys and credential files in the enterprise data center.

Read the press release and register for the webcast to learn how Oracle Key Vault:
  • Centralizes Keys in a modern, secure, and robust key management platform
  • Secures, shares, and manages keys and secrets for the enterprise
  • Manages key lifecycle stages including creation, rotation, and expiration

Oracle Key Vault Learn more: Oracle Key Vault enables customers to quickly deploy encryption and other security solutions.

ipad
Webcast: August 21, 2014
10:00 a.m. PT/1:00 a.m. ET
Hardware and Software Engineered to Work Together
Copyright © 2014, Oracle Corporation and/or its affiliates.
All rights reserved.
Contact Us | Legal Notices and Terms of Use | Privacy Statement

Thursday Jul 17, 2014

What's the Difference Between Oracle Transparent Data Encryption, Data Masking and Data Redaction?

Oracle database security solutions provide three means of making data at rest unreadable. We sometimes get questions about their differences.

Oracle Advanced Security 

Transparent Data Encryption (TDE), a capability of Oracle Advanced Security, is transparent to applications and users by encrypting data within the Oracle Database on disk, without any changes to existing applications. TDE is available as a part of the Oracle Database, so if you have Oracle, you have Oracle Advanced Security and would simply require a license to activate.

When would you use TDE? 

TDE stops would-be attackers from bypassing the database and reading sensitive information from storage by enforcing data-at-rest encryption in the database layer. Applications and users authenticated to the database continue to have access to application data transparently (no application code or configuration changes are required), while attacks from OS users attempting to read sensitive data from tablespace files and attacks from thieves attempting to read information from acquired disks or backups are denied access to the clear text data.

Data Redaction, also a capability of Oracle Advanced Security, provides selective, on-the-fly redaction of sensitive data in SQL query results prior to display by applications so that unauthorized users cannot view the sensitive data. It enables consistent redaction of database columns across application modules accessing the same database information. Data Redaction minimizes changes to applications because it does not alter actual data in internal database buffers, caches, or storage, and it preserves the original data type and formatting when transformed data is returned to the application. 

When would you use data redaction? 

Existing applications often return sensitive data to call center and support staff employees, or even customers that include date of birth, social security numbers, and more.  Traditionally, organizations would have to access and change application source code in order to redact sensitive data. This can be error-prone, laborious, and performance-heavy. Data redaction mitigates this risk and helps organizations comply with compliance requirements, such as PCI DSS, by masking displayed data within applications.

Learn more about transparent data encryption and data redaction. 

Oracle Data Masking and Subsetting

Data Masking enables sensitive information such as credit card or social security numbers to be replaced with realistic values, allowing production data to be safely used for development, testing, or sharing with out-sourcing partners or off-shore teams for other nonproduction purposes..  

When would you use data masking?  

Data masking is used for nonproduction environments for quality assurance, testing, and development purposes. Many organizations inadvertently breach information when they routinely copy sensitive and regulated production data into nonproduction environments. Data in nonproduction environments, which can be lost or stolen, has increasingly become the target of cyber criminals. Data masking helps organizations reduce this risk and comply with compliance requirements.

Learn more about data masking. 

Wednesday Sep 11, 2013

Shedding a Light on Security

Organizations worldwide are scrambling to secure sensitive information in response to regulatory pressure for protecting data privacy and integrity, as well as protect from increasingly sophisticated attacks targeting this data. Encrypting data in applications, however, requires costly and complex code changes, often with disastrous performance consequences. Fortunately these pitfalls can be avoided. Check out this video on data redaction and register to receive the latest information on this new technology in Oracle Database 12c. 

Also, learn more about data redaction here


Wednesday Jan 23, 2013

SquareTwo Enables Development Efficiency, Compliance with Oracle

SquareTwo Financial, a leader in the $100 billion asset recovery and management industry, enables fast growth and regulatory compliance with Oracle Database Security defense-in-depth solutions. Hear J-T Gaietto, manager of information security, discuss how they use Oracle Database Firewall, Oracle Data Masking, and Oracle Advanced Security to enable fast growth and comply with regulatory mandates. 

SquareTwo Financial Enables Development Efficiency and Compliance with Oracle Database Security

Watch the video.

Challenges

  • Comply with a number of regulations: GLBA, HIPAA HITECH, SOX, and PCI DSS
  • Prove separation of duties for Sarbanes-Oxley Act compliance
  • Quickly scale IT security to address fast 37% company growth
  • Minimal disruption to 5.9 million accounts while maintaining growth
  • Secure heterogeneous database environment, with no application changes

Solution

  • Address compliance with database firewall, transparent data encryption,
    data masking for a comprehensive database security defense-in-depth strategy
  • Database activity monitoring to protect against insider and external threats,
    including SQL injection attacks
  • Secure Oracle Exadata and Microsoft SQL Server database activity, with
    no application changes 

 Listen to the podcast for more details.

Thursday Dec 06, 2012

Columbia University Secures PeopleSoft Financials with Oracle's Transparent Data Encryption

Columbia University, the oldest institution of higher learning in New York, protects sensitive data in Oracle's PeopleSoft Financials using Oracle Advanced Security with transparent data encryption. Hear, Nick Caragiulo, manager of database administration, discuss how Columbia helps address internal and regulatory requirements for encryption of data at rest and in motion.

Tuesday Mar 06, 2012

Protecting Life-Saving Patient and Donor Data

With more than 9 million donors as part of its Be the Match registry, the National Marrow Donor Program (NMDP) collects and manages a large amount of sensitive medical information. This data has helped enable more than 43,000 marrow and umbilical cord blood transplants for patients suffering from diseases such as lymphoma and leukemia. As the director of IT infrastructure for NMDP, Kyle Nelson understands the importance of both patient and donor information and the systems that protect this data. “Arguably our most-critical technologies are the Oracle databases and comprehensive database defense-in-depth security solutions that store and protect the sensitive information of critical marrow and cord blood patients and donors,” says Nelson. 

NMDP Discusses Oracle Database Security Solutions

National Marrow Donor Program: Oracle Database Security Defense in Depth
Hear how the National Marrow Donor Program protects life-saving patient and donor data with Oracle Database Security defense-in-depth solutions including Oracle Advanced Security, Oracle Database Vault and Oracle Data Masking.

Every year, thousands of patients with life-threatening diseases such as leukemia, lymphoma, and sickle cell disease need a marrow or cord blood transplant, but don’t have a match in their family. Learn how you can help.

Wednesday Aug 03, 2011

Q&A from Oracle Database 11g Security and Compliance Webcast

Last week we had more than 2900 registrants for the Oracle Database 11g Security and Compliance webcast with guest speaker Tom Kyte. With hundreds of questions coming in, we weren’t able to answer them all. Here are answers to some of the most common questions. If you missed the webcast and want to watch the recording, or would like to sign up for upcoming webcasts in the series, register here.

Q: What is the performance overhead of implementing Oracle Advanced Security with Transparent Data Encryption?
A: According to internal benchmarks and feedback from successful production implementations, the performance overhead is in the single digits. With Oracle Database 11g Release 2 Patchset 1 (11.2.0.2), the hardware crypto acceleration based on AES-NI available in most Intel® XEON® 5600 CPUs is automatically leveraged by TDE tablespace encryption, making TDE tablespace encryption a 'near-zero impact' encryption solution. Listen to TransUnion talk about their experience deploying tablepace encryption.

Q: Can the Oracle Database Firewall be used to monitor performance?
A: Yes. The Oracle Database Firewall can non-intrusively monitor SQL traffic coming to/from the database, including database response and status of SQL statement execution, so the Oracle Database Firewall can help developers to monitor and assess SQL queries performance on production databases, find slow or inconsistently performing queries and also help to identify all clients connecting to a specific database before and after migration by providing execution times on logged database activity. Learn more in the upcoming Database Firewall webcast.

Q: How does Oracle Data Masking protect sensitive data in non-production environments?
A: With Oracle Data Masking, sensitive information such as credit card or social security numbers can be replaced with realistic values, allowing production data to be safely used for development, testing, or sharing with out-source or off-shore partners for other non-production purposes. In other words sensitive data is protected by not being made available in these environments. To better understand data masking, take a look at the flash demo.

Q: Can the Oracle Database Vault administrator/owner see data protected by a realm?
A: No. The Oracle Database Vault owner account can only setup the realm. It cannot see data protected by a realm. This is part of the separation of duty that Oracle Database Vault enforces. Learn more in the Oracle Database Vault Best Practices whitepaper.

And the most frequently asked question…

Q: Is this webcast being recorded?
A: Yes, you can get the recording here, as well as register for upcoming webcasts in the series. Don’t miss the next one, Blocking SQL Injection Attacks and Other Threats with Oracle Database Firewall on August 25th at 11am PT, featuring guest speaker Steve Moyle, CTO of Oracle Database Firewall.

About

Who are we?

Follow us on

  • TwitterFacebookLinkedIn

Search

Archives
« March 2015
SunMonTueWedThuFriSat
1
2
3
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
    
       
Today