One of the key concerns of many employers is how far their systems are secure from unauthorized access to sensitive information. While we’re all aware of insider threats to data, unauthorized access to data is a growing problem in many companies. All compliance regulations such as PCI-DSS and SOX and other breach disclose laws mandate strong access controls to prevent discloser of sensitive data. Oracle Database Vault is software that is explicitly designed to help you enforce separation of duties in your environment. You can transparently enhance security of your applications without having to write a single line of new code, by implementing database vault to prevent unauthorized access data by your own employees.
Database Vault lets you separate key administrative actions such as account management and database management, for example. The vault uses the concept of “realms” to demarcate the areas within the database so privileged users can’t sue their special powers to access application data. Thus, a database administrator won’t be able to look up his or her CEO’s salary. The administrator will be empowered only to perform database activities such as backups and performance tuning, without being allowed access to secure business data. The vault lets you specify maintenance windows, thus restricting the database logins by DBAs for maintenance purposes.
One of the most useful features of Oracle Database Vault is the ability to produce various types of ready-to-go reports that come with the vault. If your DBA tries to look up your customer information, there will be a record of that in the audit reports. Oracle Database Vault is managed through a console, making it very easy to administer. It’s certified to work with all Oracle applications such as Oracle E-Business – it also contains security policies for each application, and you can create custom policies as well.