Wednesday, October 17, 2012

Data Protection

While there are a variety of ways to protect structured and unstructured data, there are several key issues inherent in some Data Protection approaches. Some of the more notable data protection challenges include:
  • Protecting both Structured and Unstructured Data - Unstructured data, such as a spreadsheet report extracted from the database containing sensitive data, also needs to be considered when evaluating data protection and security.
  • Reducing Administrative Overhead - Internal database encryption (TDE) solutions require user training and processes that are unique to each database vendor, which is costly and resource-consuming.
  • Augmenting Inadequate Policy and Database TDE Key Management - It can be difficult for enterprises with large deployments to use the native database key management solutions, since each database server will have separate encryption keys to manage.
  • Simplifying Legacy Database Migration - It can be difficult or impossible to migrate older database versions to more recent versions offering internal TDE data protection, because of the constraints inherent in the packaged database application.
  • Improving Performance - The performance overhead required for TDE varies significantly depending on the workload and on whether column encryption or tablespace encryption is used.

Database Protection

An enterprise looking to provide database protection with internal database encryption functionality will need to factor in potential increased costs and administrative resources required for managing multiple database encryption solutions. While native encryption methods (such as TDE) can be an adequate database protection choice for some customer scenarios, there are limitations inherent in the internal encryption approach.

Monday, October 15, 2012

Oracle Encryption

Oracle provides encryption functionality as part of the Oracle Database Advanced Security Option (ASO). Oracle's ASO offering includes Transparent Data Encryption (TDE). Oracle Data Masking and Database Vault are other options available from Oracle that can be used to address other security requirements. Oracle Encryption (TDE) was first introduced in Oracle 10g Database Release 2 (10gR2) to simplify the encryption of data within data files, preventing access to it from the operating system. Oracle 10gR2 provided column encryption. Oracle 11gR1 and R2 added tablespace encryption to the existing column encryption.

Storage Encryption

There are several different approaches to encrypting server data. Some of the main storage encryption challenges include:
  • Storage Environment Changes - Most storage encryption solutions are not transparent and require considerable new hardware and changes to the storage environment.
  • Threat Protection, Physical Media, and Data Theft - Storage-oriented encryption provides protection against the theft of physical media, but does little to protect against internal and external hackers. Most significant data breaches have involved hacking rather than theft of physical media.
  • Separation of Duties - Storage-oriented encryption can secure data at rest on the physical media if that media is somehow stolen, but it does not protect against a hacker or malicious insider accessing data through the corporate network.

Wednesday, September 19, 2012

Cloud Data Protection

Data encryption should protect data on all devices and on every type of storage, including data in the cloud. Cloud encryption should be kept transparent so that it is easy to use, while you keep control of the encryption keys. That way you do not need to rely on the security architecture of the cloud storage provider.

MS SQL Server Encryption

Microsoft SQL Server encryption using TDE protects data at rest inside the database (meaning data and log files) through native encryption functions within the database. MS SQL supports SQL Server 2008 and 2012. TDE is referred to as "transparent" since, for some implementations, it can secure the data without requiring application changes to take advantage of the database encryption functionality.

Oracle Database Encryption

Oracle Database encryption using TDE provides data protection for data at rest inside the Oracle database (i.e., data and log files) through native encryption functions within the database. TDE is referred to as "transparent" since, for some implementations, it can secure the data without requiring application changes to take advantage of the database encryption functionality.