Oracle Database Vault Protects Oracle’s JD Edwards Application Data

Policies, best practices help organizations secure sensitive application data from privileged users while meeting regulatory compliance

Note: ESJ’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.

To further protect sensitive application data residing in an Oracle database from unauthorized access by any database user, including privileged database administrators (DBAs), Oracle Database Vault now includes extensible policies for use with Oracle’s JD Edwards EnterpriseOne. Oracle Database Vault enables JD Edwards EnterpriseOne customers to restrict access to application data by highly privileged users, enforce separation-of-duty within the Oracle database, prevent application bypass, and enforce enterprise security policies with multi-factor authorization.

JD Edwards application data is secured transparently. No special modifications to the JD Edwards EnterpriseOne applications are needed to protect against unauthorized access to application data residing in the database as well as prevent accidental or intentionally harmful database changes by users.

The default Oracle Database Vault policies for JD Edwards EnterpriseOne will establish an:

  • Application Protection Realm to prevent privileged users from accessing sensitive information

  • Configuration Protection Realm to protect the application meta data against unauthorized changes

  • Command Rule to authorize the JD Edwards application connections to the Oracle Database based on IP address and client application

The default policies can be customized and further extended to take into account other factors such as time of day, day of week, and authentication, among other options.

Organizations can implement Oracle Database Vault to enforce separation of duties within the database. For example, Oracle Database Vault can block privileged users with DBA rights from reading or changing critical application data while allowing a DBA to perform daily operations such as database backup and recovery, tuning, and replication.

Oracle Database Vault helps organizations meet regulatory mandates such as Sarbanes-Oxley (SOX), Payment Card Industry (PCI) Data Security Standard (DSS), Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), and similar global directives that call for separation-of-duties and other preventive controls to ensure data integrity and data privacy.

The product is certified with all JD Edwards EnterpriseOne application modules and releases version 8.12 and higher, Oracle’s Siebel CRM, the Oracle E-Business Suite, and Oracle’s PeopleSoft Enterprise. More information is available at www.oracle.com/database/security.