Wednesday 18 April 2012

Securing the Database

Securing the database is simple and challenging at the same time.

It's simple primarily for 2 reasons:
  1. Depth of knowledge and understanding of the database in the industry.
  2. Security solutions for the database are transparent to business applications.
If you have databases out there that contain business-critical information, you have to ensure you have controls in place for the confidentiality, integrity and availability of this data.
 
If your business is dependent on data within the database, you need to ensure that you have controls in place for data integrity and availability. If this data is sensitive or confidential, then you need to look into the controls needed for confidentiality.

Now what is sensitive data? Sensitive data does not have to be PII, HIPAA or PCI data; it can be any sensitive information like transaction data, customer data, vendor data or sales data.


The challenging part when it comes to securing the database is identifying the right set of controls that you need to ensure confidentiality, integrity and availability of this data.

When identifying these controls I like to evaluate solutions on 5 criteria:
  1. Transparency
  2. Performance
  3. Accuracy
  4. Heterogeneous support
  5. Integration options

When you look at an Oracle database, the following set of products provides the complete set of controls needed for your defense-in-depth strategy. You can pick and choose these technologies as per your business requirements. The products are easy to manage and maintain, but the key here is that they are designed to function together as the security platform for your database.

  1. Oracle Database Firewall
  2. Oracle Audit Vault
  3. Oracle Advanced Security Option
  4. Oracle Virtual Private Database
  5. Oracle Label Security
  6. Oracle Database Vault
  7. Oracle Database Masking
