fbpx
 

Category: Database security

What is Oracle Data Masking?
Sam AlapatiAccess management, Center of Internet Security (CIS), Compliance, Contract Lifecycle management, Cost Containment/Negotiation, Database security, IT Security, Oracle database, Security Assessments, Security RiskLeave a Comment on What is Oracle Data Masking?

Oracle Data Masking is an Option offered for use with Oracle’s databases. Data masking provides a way to de-identify data. When might a company need to de-identify its data? Well, companies service their customers through data stored in their production databases. However, the production database isn’t the only place that sensitive data is stored. Almost every company supports its production databases with various data stores called testing, development or staging databases. Privacy and regulatory mandates call for securing and protecting […]

Oracle Advanced Security
Sam AlapatiAccess management, Compliance, Database security, DSS (Data Security Standard), HIPAA, Identity management, IT Security, Oracle database, PCI (Payment Card Industry), Risk, Security Assessments, Security RiskLeave a Comment on Oracle Advanced Security

Oracle Advanced Security (OAS) is an Option that you can purchase for your Oracle databases. What exactly can OAS do for you? There are two key things that you can do with OAS – encrypt what is called data “at rest” and data “in flight”. The data at test that OAS lets you protect is the data stored on your storage disks, whether they are in database storage or in backup storage. Since your database and backup data is stored […]

Who’s doing what with your data – need for an identity management system and auditing
Sam AlapatiAccess management, Database security, DSS (Data Security Standard), Identity management, IT SecurityLeave a Comment on Who’s doing what with your data – need for an identity management system and auditing

The sensational revelations of the inside action of international diplomacy are still being revealed by WikiLeaks, which has access to a stash of about a quarter million of secret diplomatic messages between the State department and the U.S. embassies around the world. Of course, the revelations caused a red faced State department to fulminate about violations of national security by Wikileaks. The State department has just unveiled the cloak of mystery regarding exactly how the secret messages were accessed and […]

Web Application Vulnerabilities – way too common!
Sam AlapatiCenter of Internet Security (CIS), Database security, DSS (Data Security Standard), IT Security, Security RiskLeave a Comment on Web Application Vulnerabilities – way too common!

Web applications are common to practically every company that uses the internet. Even if a company uses the well-known Secure Sockets Layer (SSL) and utilizes sophisticated firewall protection, the very fact that it can’t control what users can input into their web forms, introduces several avenues that a malicious person can use to attack the company’s data. Top web application researcher and practitioner Dafydd Studdard and his colleagues have tested thousands of web applications for security assessments over the years. […]

The Recent attacks on PayPal, Visa and MasterCard
Sam AlapatiCenter of Internet Security (CIS), Database security, DSS (Data Security Standard), IT Security, PCI (Payment Card Industry), Security RiskLeave a Comment on The Recent attacks on PayPal, Visa and MasterCard

One of the interesting fallouts from the Wikileaks revelations about U.S. and international diplomatic cables that revealed the inner machinations of foreign policy operatives, secrets is the attacks by Wikileaks supporters on various financial institutions that shut off the processing of monetary contributions to the Wikileaks organization. Of the three major financial giants impacted by the mass internet attacks, PayPal, Visa and MasterCard were the most affected entities. PayPal seems to have weathered the storm pretty well, but Visa and […]

CIS and Oracle Database Security Benchmarks
Sam AlapatiCenter of Internet Security (CIS), Database security, Oracle database, SQLLeave a Comment on CIS and Oracle Database Security Benchmarks

Most Oracle (as well as DB2, MySQL and MS SQL Server) DBA’s are aware of the existence of Oracle database and application security benchmarks, but tend to treat the benchmarks, which are a type of best practice lists, with somewhat of a benignly neglectful attitude. This attitude is attributable to the lack of time on behalf of the harried DBAs, who are tasked with numerous critical functions, including the ensuring of high performance and continuous availability of their systems.

Oracle Announces Oracle Database Firewall product
Sam AlapatiDatabase security, Oracle database, SQLLeave a Comment on Oracle Announces Oracle Database Firewall product

Oracle has just announced a brand new database security product, named Oracle Database Firewall. Oracle Database Firewall is the name for the database activity monitoring capability previously offered by Secerno, the British firm, which was recently acquired by Oracle. Oracle seems to be on solid ground when it claims that the new product provides zero day protection from security threats, because the tool works in real time by working not within the database itself, but by monitoring database activity at […]

In Archive