If you are using Oracle Database 12c then you should use Oracle Advanced Security.
Oracle Advanced Security gives you encryption and data redaction features that are unrivalled in the industry. This helps you protect sensitive and confidential application data from unauthorized access no matter where it resides, whether on backup tapes and media, in your database exports or in the operating system. And because it is from Oracle, it works really well with Oracle engineered systems and Oracle Multitenant.
Oracle Advanced Security gives you administrative, preventive and detective controls to help you gain in-depth defense for your data, as well as help you comply with regulations, avoid data leakages and secure private information. For instance, Oracle Advanced Security allows you to automatically encrypt payment card details while it is in storage, at the same time also redacting the same information before it even leaves the database. These processes are required by the Payment Card Industry – Data Security Standard as well as other privacy and confidentiality regulations.
Transparent Data Encryption from Oracle Advanced Security
Oracle Advanced Security uses Transparent Data Encryption, which encrypts data at rest, protecting it from unauthorized access coming from outside the database. It also safeguards your data from loss, theft and even against improper decommissioning of storage backups and media. Applications can still access the data because the data is encrypted only when it is written into storage and automatically decoded once read, thus it does not affect the access controls being implemented at the application layer and the database.
Furthermore, you should understand that Transparent Data Encryption does not alter SQL queries and no code changes are required for your applications.
Data Redaction from Oracle Advanced Security
Oracle Advanced Security also redacts sensitive data before it is sent to applications for display. This way, unauthorized users would not be able to see sensitive information. It does not change actual data stored in your database caches, storage or buffer and also retains the original data type and formatting. Moreover, it does not affect your database’s operations, such as high availability clusters, patch, upgrade, restore and backup. Data Redaction works at the database kernel, which eliminates the need to add or modify your code or use another software to redact your data.
Oracle Advanced Security to help protect your business data
Oracle Advanced Security uses both Transparent Data Encryption and Data Redaction to help protect your database data. The good news is that it is very easy to implement. You can use Oracle Enterprise Manager or several command line APIs to do it.
Both Transparent Data Encryption and Data Redaction work well with other Oracle database tools and features, such as working Oracle Recovery Manager to encrypt your backups and protect pluggable databases in transit.
If you want to learn more about Oracle Advanced Security or if you want to get more in-depth information about Transparent Data Encryption and Data Redaction, then call Four Cornerstone at 1 (817) 377 1144. You will be working with a team of Oracle certified experts who can guide you at every step of implementing Oracle Advanced Security and using other Oracle products and software.
Photo courtesy of Oracle.