Oracle Database Security: What to Look for and Where to Secure

by Tanya Baccam
Sept. 1, 2017 0 comments SANS Institute application and database security

Information assets are what differentiate many companies today. Information such as customer lists, financial data, personally identifiable information and proprietary information are common types of data stored in databases. In order to properly protect this information from external and internal attacks and misuse, organizations need to implement controls as close to this information as possible. This means protecting the data at the database layer. By protecting the data at the database layer, we can control and manage critical information assets centrally. However, to properly protect the data at the database layer, there are a number of steps that must be taken within and around the database itself. In this paper, we discuss critical steps and controls for protecting the Oracle database, followed by steps for protecting data within the Oracle database.