Privacy, Security and Regulatory Compliance

Presentation transcript:

Privacy, Security and Regulatory Compliance. Kristy Edwards, Sr. Manager, Data Privacy Compliance, Oracle Corporation

Oracle's Experience: Product solutions are tools for privacy. Leverage technology as part of compliance efforts.

Oracle's Experience: Organizational measures are primary compliance tools: purpose (adequate/relevant data), notice and consent. Technical measures are secondary tools: Who gets access to system? What data can a person access? How do you track who has seen or changed PII?

Databases in the Enterprise (diagram labels: Web Sites, HR, Education, Financials; storage in databases)

Oracle's Experience: Enforce security on the data, augment in applications. Aids in privacy compliance because the data is always protected: cannot bypass security. (Diagram labels: HR, Finance, SQL, Report Writer, Database.)

Granular Access Control: PII is often stored in columns within database tables. Row-level access control and relevant columns. "Column Masking": values are masked due to the security policy. (Diagram labels: row-level security; relevant column: SSN.)

Granular Access Control: Built to address data privacy requirements. Segregation between name and PII.

FNAME      LNAME          SSN
---------- -------------- ---------
JACOB      SMITH
MARIA      ALLEN          603833046
MARY       WARD
STEVE      JONES
STEVEN     MARTIN
RAJIV      BLAKE
ROMAN      CLARK
SCOTT      JONES
JENN       KING
CHELSI     TURNER
DEREK      ADAMS

11 rows selected.
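The column masking shown in the output above can be expressed with Oracle's DBMS_RLS package (Virtual Private Database), which the slides do not name. This is an added example, not code from the presentation; the HR.PEOPLE table, the SSN_OWN_ROW function and the rule that a user sees only their own SSN are assumptions.

```sql
-- Hypothetical table with the three columns shown on the slide.
CREATE TABLE hr.people (
  fname VARCHAR2(10),
  lname VARCHAR2(14),
  ssn   VARCHAR2(9)
);

-- Policy function: returns the predicate that decides on which rows the
-- protected column may be shown. Assumption: the database user name is
-- the person's first name (for example, user MARIA).
CREATE OR REPLACE FUNCTION hr.ssn_own_row (
  p_schema IN VARCHAR2,
  p_object IN VARCHAR2
) RETURN VARCHAR2
IS
BEGIN
  RETURN 'fname = SYS_CONTEXT(''USERENV'', ''SESSION_USER'')';
END;
/

BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema         => 'HR',
    object_name           => 'PEOPLE',
    policy_name           => 'MASK_SSN',
    function_schema       => 'HR',
    policy_function       => 'SSN_OWN_ROW',
    statement_types       => 'SELECT',
    -- The policy is applied only when a query references SSN ...
    sec_relevant_cols     => 'SSN',
    -- ... and ALL_ROWS switches from row filtering to column masking:
    -- every row is returned, SSN is NULL where the predicate is false.
    sec_relevant_cols_opt => DBMS_RLS.ALL_ROWS
  );
END;
/

-- Connected as MARIA: all 11 rows come back, SSN is populated only
-- on the MARIA ALLEN row, as in the slide output.
SELECT fname, lname, ssn FROM hr.people;
```

Without `sec_relevant_cols_opt`, the same policy hides the non-matching rows entirely instead of masking the column. SYS and accounts holding the EXEMPT ACCESS POLICY privilege are not subject to the policy, so grants of that privilege belong in the access review.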

Accountability via Auditing: Auditing is a key aspect of many privacy regulations and policies. Identify access to PII. Identify misuse of legitimate privilege. (Diagram labels: privacy-relevant columns; real-time alert; relevant columns: CCN, NAME.)

Granular Auditing: Fewer, but more precise, audit records. Audit analysis: reduce false or misleading audits; makes it easier to analyze audit records. Accountability and deterrence. Real-time alert to detect violations. Lends to privacy compliance.
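Auditing only the privacy-relevant columns, with an alert on each hit, can be configured with Oracle's DBMS_FGA package (fine-grained auditing), which the slides do not name. This is an added example, not code from the presentation; the SALES.CUSTOMERS table, the SEC schema and the PII_ALERT handler are assumptions, and CCN and NAME are the relevant columns from the slide.

```sql
-- Hypothetical alert table that the handler writes to.
CREATE TABLE sec.pii_alerts (
  raised_at   TIMESTAMP,
  db_user     VARCHAR2(128),
  object_name VARCHAR2(261),
  policy_name VARCHAR2(128)
);

-- FGA invokes the handler with (schema, object, policy) each time the
-- policy fires; this one records an alert row in its own transaction.
CREATE OR REPLACE PROCEDURE sec.pii_alert (
  object_schema VARCHAR2,
  object_name   VARCHAR2,
  policy_name   VARCHAR2
) AS
  PRAGMA AUTONOMOUS_TRANSACTION;
BEGIN
  INSERT INTO sec.pii_alerts (raised_at, db_user, object_name, policy_name)
  VALUES (SYSTIMESTAMP,
          SYS_CONTEXT('USERENV', 'SESSION_USER'),
          pii_alert.object_schema || '.' || pii_alert.object_name,
          pii_alert.policy_name);
  COMMIT;
END;
/

BEGIN
  DBMS_FGA.ADD_POLICY(
    object_schema     => 'SALES',
    object_name       => 'CUSTOMERS',
    policy_name       => 'AUDIT_CCN_WITH_NAME',
    audit_column      => 'CCN,NAME',
    -- ALL_COLUMNS: record only statements that touch CCN and NAME
    -- together, which keeps the trail small and precise.
    audit_column_opts => DBMS_FGA.ALL_COLUMNS,
    handler_schema    => 'SEC',
    handler_module    => 'PII_ALERT',
    enable            => TRUE,
    statement_types   => 'SELECT'
  );
END;
/

-- Review who read card numbers alongside names, and with what SQL.
SELECT db_user, timestamp, object_name, sql_text
FROM   dba_fga_audit_trail
WHERE  policy_name = 'AUDIT_CCN_WITH_NAME'
ORDER  BY timestamp;
```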

Recommendations: Organizational measures come first. Technical measures: restrict who gets in; manage their identities and access rights; column level controls; audit to hold users accountable for their actions. Software is a tool for privacy compliance. But didn't you mention organizational measures – (sell my data to spammers, don't give notice of how you're using my data)