Cybersecurity was rated as the top priority for new IT spending during a 2021 CIO Agenda Survey by Gartner, which estimates the data security and risk management spending to exceed $150 billion by the end of 2021. The survey segments the data security and risk management market into application security, cloud security, data security, Identity Access Management (IAM), infrastructure protection, Integrated Risk Management, network security equipment, other information security software, security services, and consumer security software.[1]
To organizations pondering upon boosting the database aspects of the aforementioned data security segments – Infolob recommends Oracle Data Safe. The following explores what is Oracle Data Safe and why we believe it may be an answer to current database security concerns, particularly for existing Oracle users.
What is Oracle Data Safe?
Data Safe is a holistic, cybersecurity control center for Oracle Databases, assisting enterprises to recognize the sensitivity of their data, evaluate the potential risks to data, mask all the sensitive/classified data, enforce and monitor security controls, peruse user security, and user activity, and meet data security compliance requirements like the GDPR, SOX, PCI DSS.
Irrespective of whether you are using Oracle Autonomous Database, the Oracle Database Cloud Service (Exadata, Bare Metal, or Oracle VM), or the older, on-prem Oracle Databases, the Oracle Data Safe offers enterprises the complete essential data security capabilities for mitigating risks, and truly attaining a holistic, impenetrable security posture for databases, deployed on-prem, public cloud, or in multi-cloud settings with standard or enterprise edition (EE) licensing.
A brief story on the Oracle Data Safe
The rolling out of Oracle Data Safe began as a complementary service to the Oracle Autonomous Database, under the comprehensive package of Oracle Cloud Infrastructure. Initially, it was intended to assist users in fulfilling their shared security obligations in a less complex, and cost-effective manner. However, the practicality and efficacy of the Data Safe soon became a public knowledge, with a growing number of users making requests for Oracle Data Safe to also support the other Oracle Databases.
Given the rising demand and Oracle’s proactive stance in meeting customer expectations, or as we call it, their – customer obsession, and the expansion of Data Safe to support all Oracle Cloud Databases, including the Exadata Cloud Service, the Exadata Cloud@Customer, as well as the Database Cloud Service is undertaken. And, eventually, the non-cloud databases with dedicated VPN or FastConnect connections were also included for Oracle Data Safe support.
Features of Oracle Data Safe
Oracle Data Safe offers the following series of features for safeguarding sensitive and regulated data in the Oracle databases, all within single, easy-to-use, and yet a powerful security management console:
- The Security Assessment feature of the Oracle Data Safe enables administrators to assess the security posture of their database configurations. It inspects database configurations, the security controls, and the user accounts to generate comprehensive reports on the findings, along with recommendations for remediation aligned with the up-to-date best practices in risk mitigation.
- The User Assessment feature helps administrators to examine the security of the general users of the database, and identify all the users posing high risk. The feature evaluates information about all the users in the data dictionary for the target databases and generates a ‘risk score’ for every user. For example, it reviews the user type, the mode of authentication, the implemented password policies for the user (assigned separately for every user), and the duration of an unchanged password. It also redirects to audit records related to the individual user. With this many information, it is effortless to deploy custom security controls, as well as policies.
- Data Discovery assist administrators to locate sensitive data in the databases. All they are required to do is specify the type of sensitive data to discover, and the Oracle Data Safe immediately begins analysing the actual data in the target database and the associated data dictionary, returning a list of sensitive columns. By default, the Data Discovery feature in Oracle Data Safe can find a large variety of sensitive data related to identification, biographic, financial, IT, healthcare, academic and employment information.
- Data Masking extends a way for users to mask the discovered sensitive data to be securely used for non-production processes. For instance, enterprises are often required to create copies of their production data to bolster development and testing activities. A simple replication of the production data can inadvertently expose sensitive data to the new users. To avoid such security risks, administrators can leverage the Data Masking feature to swap the sensitive data with realistic, however, fictitious information.
- Activity Auditing is yet another crucial feature in the Oracle Data Safe, capable of tracking database user activity, and pushing alerts on suspicious/risky actions, which is also indispensable for complying with a number of regulations. Admins may select from the default audit policies for general and privileged users, and utilize one of numerous, out-of-the-box, or conventional audit reports on various database activities. They may retain the audit data for about a year, for forensic purposes.
In a nutshell, the User Activity Auditing allows for:
- Provisioning audit, compliance, and alert/event policies
- Collection of audit data from databases, and tracking sensitive operations
- Access Audit Reports
- Interactive, data-rich reports for forensics
- Synopses and detailed reports
What customer problems are addressed with Data Safe?
To secure your organization’s data, you are required to be answering several questions, like:
For security and user assessment
− Are my databases securely configured?
− Do I have highly privileged accounts capable of posing risks to my database?
− Do I have inconsistencies in my configuration strategy?
− What are the methods of remediating these inconsistencies?
In sensitive data recovery
− What are all the types of sensitive data do my organization possess?
− What is the portion of sensitive data is stored in my organization’s database?
− Where are my sensitive data stored?
In data protection
− How can I effectively support test/dev, and analytics while removing the risk of exposing the sensitive data?
In audit
− How can I manage the audit data pooled from individual servers?
− How can I consolidate audit data to streamline reporting and event correlation?
− How can I be notified to unwarranted user activity?
Try Oracle Data Safe for Free
Oracle extends a free tenancy and 30 days of free trial for a range of Oracle Cloud Infrastructure services, comprising the Oracle Data Safe. Prospective users may sign up for a free Oracle cloud account and try the Oracle Data Safe with their Oracle cloud, or on-prem Oracle databases.
Throughout a free trial, users can activate Oracle Data Safe in their tenancy, and test out all the key features, including Data Masking, Security Assessment, Activity Auditing, User Assessment, and Data Discovery. Users can also feel free to contact Infolob, in case they encounter difficulties in accessing these services.