Wednesday Oct 02, 2013

Security in Oracle Database 12c Gives Reason for Customers to Upgrade

The latest edition of Oracle Magazine, headlined with Plug into the Cloud, gives many reasons for customers to upgrade to the latest release of Oracle Database 12c

In the article Time to Upgrade, Michelle Malcher, President of the Independent Oracle Users Group (IOUG) and Oracle ACE Director, says "Oracle Database 12c is packed with several new and enhanced security features. A great new security feature is privilege analysis, which allows DBAs to get to the bottom of what permissions are really needed and used. How much time is that going to save in audit reports and managing the security for least privilege?"

To prepare for the latest edition of Oracle Database, Malcher had an opportunity sit down and beta test the latest features with others. During this time, we captured some of her comments, along with other beta testers, about another new feature: data redaction (see below video).

She goes on to say "Redaction is another security features that is easy to implement and probably will save a lot of time previously spent having to mask data in different environments or code solutions to hide private data and information. Setting up a comprehensive redaction policy for users, applications, and environments can further protect sensitive data.

Learn more about the new security features in the latest release of Oracle Database 12c.

Thursday Jun 13, 2013

Why Rabobank Chose Oracle Database Vault

Rabobank was faced with two major challenges: addressing international compliance requirements and protecting sensitive data from privileged database users. In this podcast, Niels Zegveld, manager of database administration, tackled these challenges using Oracle Database Vault, without impacting system performance or applications.

Niels manages the database team that supports the investment banking business. The team runs Oracle Database 11g and Oracle Enterprise Manager to manage the maintenance of their databases. They have a mix of applications including Oracle FLEXCUBE and custom-built solutions.

Addressing Regulatory Requirements and Demonstrating Separation of Duties

Being an international bank, Rabobank must comply with mulitple regulations and regulatory bodies, including the Dutch National Bank and the FSA. As part of these regulations, Rabobank had to demonstrate that employees, or applications, that have access to sensitive data are the only ones that are authorized to have access.

The requirements of separtion of duties and securing sensitive financial data were originally handed over to the security department. Their first instinct was to look at solutions that were outside of the database, however, none of the solutions were able to cover the requirements. This lead the security team to begin discussions with the database team to find out what suggestions they could offer. Niels' team was able to come up with a solution that would support all  requirements and be easy to manage.

Oracle Database Vault

Working with Oracle security experts and Oracle Database Vault, Rabobank is addressing best practices of separtion of duties and least privilege while protecting sensitive data from privileged users. Niels is happy to say they have passed their audits and found that performance tests show neglible impact to their systems and users. 

Listen to the entire podcast to learn more.  

About Rabobank

According to Hoovers, Rabobank Group was founded as a cooperative of Dutch agricultural banks in 1898, the company has some 140 member banks that have about 875 branches in the Netherlands and dozens of subsidiaries around the world that focus on the food, agribusiness, and financial industries. The cooperative's wholesale and international retail banking arm, Rabobank International, has offices in some 30 countries. 

Monday May 14, 2012

Best Practices for Database Privileged User Access Controls

Insider threats and stolen credentials continue to account for the greatest incidents of data breaches and loss. On May 30th, we'll be discussing database access control best practices for all database users, including highly privileged users using Oracle Database Vault. You'll learn how to enforce who can access what data, and when and how that data is accessed in order to prevent application bypass and enable secure database consolidation. You will also hear how Oracle customers use Oracle Database Vault and Oracle Database 11g to protect sensitive data and comply with regulatory mandates.

 To learn more, register for this, and our other Best Practices for Database Security and Compliance webcasts.

Tuesday Mar 06, 2012

Protecting Life-Saving Patient and Donor Data

With more than 9 million donors as part of its Be the Match registry, the National Marrow Donor Program (NMDP) collects and manages a large amount of sensitive medical information. This data has helped enable more than 43,000 marrow and umbilical cord blood transplants for patients suffering from diseases such as lymphoma and leukemia. As the director of IT infrastructure for NMDP, Kyle Nelson understands the importance of both patient and donor information and the systems that protect this data. “Arguably our most-critical technologies are the Oracle databases and comprehensive database defense-in-depth security solutions that store and protect the sensitive information of critical marrow and cord blood patients and donors,” says Nelson. 

NMDP Discusses Oracle Database Security Solutions

National Marrow Donor Program: Oracle Database Security Defense in Depth
Hear how the National Marrow Donor Program protects life-saving patient and donor data with Oracle Database Security defense-in-depth solutions including Oracle Advanced Security, Oracle Database Vault and Oracle Data Masking.

Every year, thousands of patients with life-threatening diseases such as leukemia, lymphoma, and sickle cell disease need a marrow or cord blood transplant, but don’t have a match in their family. Learn how you can help.

Monday Jul 18, 2011

Oracle Database 11g Security and Compliance Solutions Webcast Series

As many of you are rolling out Oracle Database 11g across your enterprise, and taking advantage of the unprecedented performance of the new Oracle Exadata Database Machine to consolidate your databases, now is the time to think about security. So for the next few months, we will be presenting a series of webcasts on Oracle Database 11g Security and Compliance to help you take advantage of your database infrastructure to protect data privacy, address regulatory compliance requirements, and defend against SQL injection and other attacks.

Our first webcast, July 28 at 10am PT, will feature Tom Kyte of the popular “Ask Tom” web site. Tom will introduce you to the comprehensive database security solutions offered by Oracle and help you understand the importance of each solution in a complete database defense in depth strategy.

When you register for this webcast, you will also have an opportunity to register for all the webcasts in the series:

  • Blocking SQL Injection Attacks and Other Threats with Oracle Database Firewall
  • Database Activity Auditing, Alerting and Reporting with Oracle Audit Vault
  • Transparent Data Encryption with Oracle Database 11g
  • Privileged User Access Control with Oracle Database 11g
And in the meantime, check out our new Oracle Database Security Resource Library. It includes whitepapers, demos, and everything else you need to get started today.

Tuesday Jun 21, 2011

Oracle Security Inside Out Newsletter – June Edition

This month’s Information In Depth Newsletter, Security Inside Out Edition is now available.

In this edition we look at the Gartner Security and Risk Management Summit 2011, discuss safeguarding data from threats with Oracle Database Vault, and reveal the latest database security webcasts, videos, training, events and more.

If you don’t have a subscription to this bi-monthly security information update, you can sign up here at the bottom of the page.

Monday May 23, 2011

KuppingerCole "Strongly Recommends" Oracle's Database Security Offerings

In a recently released report, leading European-based analyst firm KuppingerCole "strongly recommends" that organizations with Oracle Databases in production should consider Oracle's database security offerings. "From the KuppingerCole perspective, Oracle currently has the broadest portfolio in the market and delivers leading-edge products in all areas of database security," writes the report's author, Martin Kuppinger, founder and principal analyst, KuppingerCole.

Well-known for their thought leadership in information security and governance, risk management, and compliance, KuppingerCole decided to focus their attention on database security. Kuppinger writes that "the need for database security solutions is obvious," and explains that a significant number of data breaches and data theft occur at the databases level.

In the report, Kuppinger evaluated solutions such as Oracle Advanced Security, Oracle Database Vault, and Oracle Label Security, which run within the Oracle Database, as well as solutions such as the new Oracle Database Firewall and Oracle Audit Vault, which run outside the database and support both Oracle and non-Oracle databases. You can read the report here.

About

Who are we?

Follow us on

  • TwitterFacebookLinkedIn

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
12
13
15
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today