capgemini technology vision for oracle database security

Oracle Database Security – General IntroductionJohan Louwers -- Global Oracle Architect Office

Technology Vision

2Copyright © Capgemini 2015. All Rights ReservedGlobal Oracle Architect Office

Oracle Security – General Introduction “Just a number”

$1,000,000,000,000Is lost by businesses everyyear due to cybercrime

That is a Trillion dollars a year


Oracle Security – General Introduction “Just some examples”

Some major data breaches in 2015

ANTHEM HEALTH INSURANCE80,000,000 people affected due to the loss of patient records

INTERNAL REVENUE SERVICE300,000 people affected due to the loss of tax records

PREMERA BLUE CROSS11,000,000 people affected due to the loss of patient records

UCLA HEALTH SYSTEM4,500,000 people affected due to loss of unencrypted passwords


Oracle Security – General Introduction “Just some examples”

Some major data breaches in 2015

US PERSONELL MANAGEMENT OFFICE22,200,000 people affected due to loss of confidential information

HARVARD UNIVERSITY8 colleges affected due to compromised databases holding personal data

LASTPASS7,000,000 passwords compromised

ASHLEY MADISION37,000,000 people affected due to the loss of personal data


Oracle Security – General Introduction “Just some facts”

IT Security spend has doubled...but we’re no safer

VULNERABILITYManagement

ENDPOINTSecurity

EMAILSecurity

NETWORKSecurity

Current focusIT spend has primarily focused on the perimeter

Required focusAttacks are in general aimed against the core




96%Of breached records are from databases

80%Of breached records involve application and web services

66%Of sensitive data is stored in relational databases

94%Of breached records involve compromising servers




97%Of attacked are preventable if you protect data at the core

DatabasesSpecific security for databases is vital and often overlooked

InfrastructureSecurity should focus strongly on infrastructure


Oracle Security – General Introduction “Ensure you secure your DATA”

Oracle Key Vault

Oracle Audit Vault

Oracle Database Firewall

Oracle Advanced Security

Oracle Database Vault

Oracle Label SecurityOracle Data Masking

Oracle Enterprise manager



Ensure you secure your DATA

Oracle Advanced SecurityComply with privacy and regulatory mandates that require companies to encrypt and redact application data such as credit cards, social security numbers, or personally identifiable information (PII). By encrypting data at rest and masking data whenever it leaves the database, Oracle Advanced Security provides the most cost-effective solution for comprehensive data protection.




Oracle Database VaultComply with data privacy and protection mandates that restrict the use of actual customer data. Oracle Database Vault proactively protects application data stored in Oracle Database from being accessed by unauthorized privileged database users.




Oracle Data MaskingComply with data privacy and protection mandates that restrict the use of actual customer data. With Oracle Data Masking and Subsetting Pack, sensitive information such as credit card or social security numbers can be replaced with realistic values, allowing production data to be safely used for development, testing, or sharing with out-source or off-shore partners.




Oracle Label SecurityDesigned to meet public-sector requirements for multilevel security and mandatory access control, Oracle Label Security provides a flexible framework that both government and commercial entities worldwide can use to manage data access on a “need to know” basis.




Oracle Database FirewallMonitor Oracle and non-Oracle database traffic to detect and block threats. Block incoming SQL statements based upon white and black listing. Improves the overall security and provides additional security on top of standard network firewalls.




Oracle Audit VaultImprove compliance reporting by consolidating audit data from databases, operating systems, directories, and other sources.




Oracle Key Vault Oracle Key Vault enables customers to deploy encryption and other security solutions by centrally managing encryption keys, Oracle Wallets, Java Keystores, and credential files.




Oracle Enterprise managerimprove overall security monitoring and compliancy by using a centralized solution for monitoring systems and ensuring security framework compliancy is in place on all components via real-time monitoring.


Oracle Security – General Introduction “Working with Capgemini”

Capgemini services and solutionsCapgemini provides a wide range of services and solutions for Oracle technology and the required security that should accompany the IT footprint in which Oracle technology is used.

• Architecture servicesCapgemini provides a wide range of architecture services on Oracle Technology also including security architecture services and security roadmap services to ensure security is embedded on an architectural level in your organisation

• Security assessment servicesSecurity and technology teams with a focus on Oracle technology provide customers the option to do a assessment and provide the requried advice on how to strengthen security.

• Implementation and maintenance servicesImplementation and maintenance of Oracle security products and security features can be provided by the Capgemini global Oracle teams

• Security watch services24*7 active monitoring and acting upon security related incidents in line by the Capgemini international monitoring and operating centre can be provided.


Capgemini Oracle Architect Office – Background Information


Capgemini - Global Oracle Architect Office“Capgemini OAO key mission”

Technology StandardsCreating and maintaining the global oracle technology standards and implementation roadmaps to ensure customers receive the Oracle & Capgemini best practice based solutions to provide the most optimal business value.

Technology VisionIdentifying, tracking, prototyping and developing new solutions and technologies, using a combination of forward-thinking visionary and practical realism to provide customers a practical future roadmap and a clear direction.

Technology SolutionsEnsuring that the technological solutions created by both Oracle and Capgemini are positioned as a unified solution for our customer and the most optimal technological advantages of the products are used.

Business ValueProviding customers with the most optimal business value with the lowest TCO to support customer is accelerating in their day to day operations and achieving there goals with Oracle technology as an enabler.

TechnologyVision

TechnologyStandards

TechnologySolutions

BusinessValueOAO


TechnologyVision

TechnologyStandards

TechnologySolutions

BusinessValueOAO

Capgemini - Global Oracle Architect Office“Capgemini OAO core team”

Sunil KrishnanunniSenior Architect – Asia [email protected]

Del AlbrechtSenior Architect – North [email protected]

Johan LouwersLead Architect – Global (EMEA)[email protected]

Global Oracle Architect Office contact:[email protected]

The information contained in this presentation is proprietary.© 2014 Capgemini. All rights reserved.

www.capgemini.com

About CapgeminiWith almost 140,000 people in 40 countries, Capgemini is one of the world’s foremost providers of consulting, technology and outsourcing services. The Group reported 2013 global revenues of EUR 10.1 billion. Together with its clients, Capgemini creates and delivers business and technology solutions that fit their needs and drive the results they want. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business ExperienceTM, and draws on Rightshore®, its worldwide delivery model.

Rightshore® is a trademark belonging to Capgemini

http://www.facebook.com/Capgemini

http://www.linkedin.com/company/capgemini

http://www.twitter.com/capgemini

http://www.youtube.com/capgemini

http://www.slideshare.net/capgemini

capgemini technology vision for oracle database security

Data & Analytics