Tag: Security

Presented at INSYNC 21

Session ID: 101100

Multi-factor authentication (MFA) or 2-factor authentication (2FA) for database connections is frequently inquired about, but rarely implemented.  Yet is surprisingly easy to implement in the Oracle Database.

This session covers how to implement MFA/2FA for your Oracle Databases via common MFA platforms including Cisco Duo.  Including specifics of how to get started and test in your own DBA lab environment.

Presented at INSYNC 21

Session ID: 100510

Learn how to set up and configure and utilize the Oracle Database Security Assessment Tool.  The tool can help with data and database security best practices and options.  The tool can also help you uncover the sensitivity in your databases so that you and implement ways to better protect your data.

Presented at INSYNC 21

Session ID: 101090

Security breaches are becoming more and more common. From both external and internal threats/bad actors. And while organizations spend considerable effort on perimeter security, the database is often overlooked or considered too fragile to touch.

But more effort needs to be directed towards Oracle database security. Both inside the database and out (i.e. operational practices). And regardless of whether on-premises or in the cloud.

This presentation covers common weaknesses and vulnerable areas of the Oracle database due to configuration and management issues that are easy to correct or remediate right away. Going well beyond the obvious like password rotations and having security policies.

Presented at INSYNC 21

Session ID: 101560

Oracle Database 21c has been released and is the latest innovation release of the Oracle Database.  A number of new security features are included with this release and should be adopted when creating new databases or upgrading existing databases. Learn about the new security features and changes in security for this database release. Key new security features are blockchain table, gradual database password rollover, mandatory case-sensitive passwords, and Unified Auditing enhancements.

Presented at INSYNC 21

Session ID: 101850

Oracle Data Safe is an exciting new service offering security capabilities for identifying and reducing risk in Oracle Databases. First introduced at Oracle Open World San Francisco in 2019, Data Safe has been continuously enhanced and is now available for all Oracle Databases, on-premises and in the cloud. Join us to learn how you can simplify managing the security of your databases. We will go through a real life use case to assess configuration risks, evaluate database users, manage audit settings, report on database activity, discover sensitive data, and remove sensitive data from non-production copies of the database. And the best part – no special expertise is needed to leverage the capabilities of Data Safe.

  • Quest Customer Learning Team
  • Recordings & Presentations
  • 4/01/21

Presented at INSYNC 21

Session ID: 100910

This talk is for database and information security professionals.

The database holds the crown jewels of the organization; however, the infosec security teams have little understanding of working of the database and database developers, designers, and DBAs have little understanding of security concepts. I get it, we get pressure from the top and the users to deliver a system with little time or budget to apply to database security. In this talk, we are going to take the 10,000 meter view of the database and look at the attack surface, attack vectors, and how to mitigate those attacks. At the end of the presentation, developers, designers, and DBAs will have action items they can take back to their shop and start improving security.

During Quest Forum Digital Event: JD Edwards Week, The Anschutz Corporation's Dan Eppich and Q Software's Mike Ward presented how Anschutz established an enterprise security solution that supports the new requirements regarding GDPR, CCPA, and Big Four auditing requirements.

Building on its COLLABORATE legacy, Quest is excited to introduce a BRAND NEW virtual conference, exclusively for Oracle Database and Technology users - INSYNC! The conference will take place on March 30 - April 1, 2021. We can't wait for you to join us, and INSYNC education is now live! Begin browsing the great education and networking opportunities we have in store for you!

The Critical Patch Update for January 2021 was released on January 19, 2021. Oracle strongly recommends applying the patches as soon as possible.

Presented at Quest Experience Week (QXW) – Database & Technology Day

In this era, data privacy and security is a major concern. It is a challenge to be compliant with the standards as far as data security is concerned. Oracle Advanced Security options provide us easy ways to protect our databases and be compliant at the same time. This session will give an overview and use cases of several impactful Oracle Advanced Security features we have been using for our SaaS applications in real life production systems. In addition to that, there are several other in-house best practice we have developed over the years which might be beneficial for others.