Oracle 19c: Data Security for 2020

Some things never change, including the mandate for cutting-edge data security to keep your organization safe from both internal and external threats. Next year promises more – and more complex – data and database security concerns, and companies that don’t have enhanced security strategies in mind may suffer significant consequences because of that omission.

 
For those that do plan to proactively avoid cyber threats, Oracle designed its newly released Oracle 19c database management system (DBMS) to address those, and the Oracle experts at Datavail are happy to help them implement those strategies.

Data Security at the Top of the IT Concern List (Again)

If 2019 is an example, then 2020 promises to be a bang-up data security year. Not only are the cybercriminals upping their games and building ever more nefarious malware, but regulatory agencies are also heightening mandates requiring enhanced data privacy protections for their constituents. Any company with an international footprint (or that wants one) must engage the systems needed to compete at that level while maintaining tight controls over all of the data that flows to and from those sources.

It doesn’t help that threats can come from both inside and outside of the organization:

Internal Threats

Worker Data Theft

Unfortunately, there will always be disgruntled employees willing to exploit their position at the company’s expense. Verizon’s latest Insider Threat Report reveals that more than half of reported 2019 data breaches (57 percent) involved corporate insiders and that 61 percent of those did not hold leadership roles. Worse, installed fraud detection software caught only four percent of all reported insider breaches.

Inadvertent Sharing

It’s important to note that internal data security threats aren’t always intentional. A surprising 40 percent of C-Suite respondents to a 2018 Shred-it survey stated that their company’s latest data disaster was caused by employees who had inadvertently lost, mishandled, or inadvertently shared confidential information. Remember those widely reported instances where mid-level managers unintentionally emailed quarterly sales data to their cousin? They’re still happening apparently.

Oracle had both inadvertent and intentional employee concerns in mind when it added not one or two layers of internal data protections, but three layers of data access protections, to ensure only authorized personnel have access to and can manipulate corporate information.

• Schema-only accounts can’t access the central database, so users can’t inappropriately access it either.
• Privilege analysis keeps tabs on who should have access, and who shouldn’t. This feature is especially helpful in organizations that have high staff turnover rates.
• Sometimes even the passwords are encrypted, too, with transmissions managed by the Oracle Data Pump. This feature solves the challenge of criminals finding their way in via unprotected passwords.

External Threats

Sadly, two of the cyber criminal’s favorite tools are still in vogue and continue to grow in popularity, probably because they’ve proven to be so effective in the past:

Ransomware

Incidents of ransomware have been in the news recently, so its existence isn’t news. What is news is that cyber thieves are targeting more small- to medium-sized companies than they are the mega-corporations. And those attacks are becoming more expensive, with the value of the ransom demand doubling in the past year.

Phishing

Too many workers continue to click on suspicious buttons or open unexpected attachments, only to let loose malware that can steal consumer data, proprietary programming, or shut down both their machine and their company. Further, despite crackdowns and enhanced cyber crime prosecutions, the number of phishing emails has risen 250 percent just this year, making that ploy one of the most pervasive cyber crimes.

These are just two of the methods used today’s cyber criminals to intrude into your databases. My latest white paper details these new security features found in the Oracle 19c DBMS and explains how Oracle users can deploy these tools to avoid becoming cyber crime victims.

Datavail’s Oracle experts are available to help you add data security protections to your database and your entire enterprise; just give them a call.

Read this next: Oracle Database 19c: Harnessing Tomorrow’s Data Today