fbpx
 

Category: HIPAA

Using Oracle Database Firewall
Scott D. RosenbergAccess management, Center of Internet Security (CIS), Compliance, Contract Lifecycle management, Cost Containment/Negotiation, Database security, DSS (Data Security Standard), Enterprise Agreement, GRC (Governance, HIPAA, Identity management, IT Asset Management, IT Security, Licensing Change Alert, Microsoft Licensing Compliance, Microsoft Licensing Tip, Microsoft: News You Can Use, Miro News, Oracle database, Oracle Licensing Compliance, Oracle Licensing Tip, Oracle: News You Can Use, PCI (Payment Card Industry), Risk, Security Assessments, Security Risk, software asset management, Software audit, SQL, Uncategorized, VirtualizationLeave a Comment on Using Oracle Database Firewall

We’re all familiar with network firewalls, which prevent unauthorized access to your network from external sources. However, network firewalls don’t protect your databases from malicious attacks, which sometimes come disguised as privileged internal users. Web applications are a major source of data attacks, through stratagems such as SQL Injection, for example. Oracle’s Database Firewall (a product Oracle gained through its acquisition of Secerno, a British firm, in 2010) offers a solid defensive perimeter to monitor and enforce accepted behavior on […]

Oracle Advanced Security
Sam AlapatiAccess management, Compliance, Database security, DSS (Data Security Standard), HIPAA, Identity management, IT Security, Oracle database, PCI (Payment Card Industry), Risk, Security Assessments, Security RiskLeave a Comment on Oracle Advanced Security

Oracle Advanced Security (OAS) is an Option that you can purchase for your Oracle databases. What exactly can OAS do for you? There are two key things that you can do with OAS – encrypt what is called data “at rest” and data “in flight”. The data at test that OAS lets you protect is the data stored on your storage disks, whether they are in database storage or in backup storage. Since your database and backup data is stored […]

Breach Notification Laws
Scott D. RosenbergHIPAA, IT Security, Security AssessmentsLeave a Comment on Breach Notification Laws

Data breach notification laws require companies to implement formal data breach notification polices that cover the procedures for incident reporting and external breach notification. Except just four states – Alabama, Kentucky, New Mexico and South Dakota, every state in the U.S. has passed a breach notification law in the recent past, following the lead of California’s landmark breach disclosure law in 2003. . Breach notification laws require companies to notify their customers about security breaches that involve personal information. Of […]

In Archive