Home : Contact Us : Sitemap       

Oracle Security

   Case Studies

Does your security plan protect your data? Today, many companies have security plans that include Internet connections, email systems, networks and operating systems. However, most security plans do not include one of the most important parts of your enterprise: the database.

Creating and enforcing security procedures to protect your corporate data is an integral component of managing an Oracle database. More and more, businesses are required to adhere to regulatory compliance requirements, such as Sarbanes Oxley. The Oracle database has several layers of security and provides auditing functionality at each level.

The Oracle consultants at Celeritas can assist you in defining and implementing your security requirements. We secure your Oracle database by implementing the following security features:

  • Password Management to force password expiration, limit password reuse, limit the number of failed logon attempts, force password complexity, lock and expire database accounts
  • Database Auditing to monitor logon and logoffs and successful and unsuccessful transactions
  • Fine Grained Auditing to define specific conditions necessary for an audit record to be generated, resulting in a more meaningful audit trail
  • Database Resource Manager to set resource limits and quotas on the amount of various system resources available to users
  • Roles to manage object privileges
  • Fine Grained Access Control and Virtual Private Databases (VPD): the use of functions to implement security policies at the row level regardless of how data is accessed (through SQL*Plus, Toad, or an application). The database server enforces the security policy
  • Oracle Label Security for more sophisticated row level security
  • Data Encryption to provide an additional layer of protection

Oracle Security Case Studies

Industry: Oil & Gas
Project: Oracle Database Health Check

   An oil and gas company had several key applications (Payroll, Benefits, Gas Measurement/Analysis and Well Data) running on Oracle databases. The client requested an overall review of the health of all of these databases.

Celeritas interviewed the application owners, collected information about the configuration and management of the systems, and provided prioritized recommendations for each system. The areas of focus were security, manageability, supportability, backup/recovery and performance.

Industry: Utility
Project: Sarbanes-Oxley - NERC 1200 Compliance

A large electrical utility requested help with building a plan and implementing solutions in order to satisfy their Sarbanes-Oxley and NERC 1200 compliancy issues.

Celeritas provided project management, technical leads and implementation services in the areas of security, auditing, change control, disaster recovery and other IT policy in order to address this need.

Industry: Financial Services
Project: Sarbanes-Oxley Security Implementation

   A local financial services company required assistance with the recommendations and deployment of Oracle environment configuration changes in order to satisfy their Sarbanes-Oxley requirements. Celeritas reviewed their Sarbanes-Oxley audit results, developed a plan to address open issues, and implemented the plan.

The implementation included Oracle database auditing, password policies and modifications to user access and rights. The database auditing included auditing of successful and unsuccessful connections to the database, commands executed by privileged users, and privileged commands executed by other users.

Password policies forced expiration of passwords and defined password reusability rules. Database roles were created to manage access to database objects.

Top | Home | Contact Us | Sitemap
Oracle Consulting | Clustering/HA Systems | Performance Analysis
Shared Services | Sarbanes Oxley | System Administration | GIS Services