Episode Details

Because of how valuable your data is, protecting it against theft and unauthorized use is perhaps your biggest challenge. Databases need more security than the bare minimum. In this episode, Lois Houston and Nikita Abraham, along with Greg Genovese, talk about how Oracle's data-driven security features work together to create a maximum security architecture. Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ Twitter: https://twitter.com/Oracle_Edu Special thanks to Arijit Ghosh, David Wright, Ranbir Singh, and the OU Studio Team for helping us create this episode. --------------------------------------------------------- Episode Transcript:

00;00;00;00 - 00;00;38;18

Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started.

Hello and welcome to the Oracle University Podcast. I'm Lois Houston, Director of Product Innovation and Go to Market Programs with Oracle University, and with me is Nikita Abraham, Principal Technical Editor.

00;00;38;20 - 00;01;01;20

Hello again! In today's episode, we're going to talk with Oracle Database Specialist Greg Genovese about Oracle's Maximum Security Architecture.

Hi, Greg. Thanks for joining us today. We have so much sensitive information in our databases so I get why a data thief would try to attack and steal data. But how do they actually do it?

Databases don't just operate in a vacuum.

00;01;01;23 - 00;01;26;01

A database is accessed often through a firewall by users and applications. Speaking of those firewalls, if an attacker has managed to penetrate into the internal network, they may choose to go after data traveling over that network. This type of attack is much less likely to be detected than attempts to access the database directly. Another popular attack is against the underlying data files, database backups, or database exports.

00;01;26;04 - 00;01;49;19

Here again, if the attacker is successful, they may be able to steal the entire database without even having to try to log in.

Oh my goodness! That sounds terrible.

If none of those options work, perhaps the database has an unpatched vulnerability. In many cases, there are automated attack toolkits that help exploit these vulnerabilities.

00;01;49;21 - 00;02;18;29

And let's not forget those non-production copies of the database.

What's a non-production copy of a database?

In many systems, the test and development instances are effectively just clones of production and are hardly ever monitored as closely as production databases. In most cases, there are copies of database for test, development, stage, and user acceptance testing or UAT. Databases persist data into a storage medium and run on servers with operating systems and peripherals.

00;02;19;02 -