SlideShare a Scribd company logo

Biznet Gio Presentation - Database Security

Yusuf Hadiwinata Sutandar, profile picture
Yusuf Hadiwinata Sutandar

This document provides information on database security. It discusses how database security protects confidentiality, integrity and availability of databases. It also discusses the importance of database security to prevent data loss or compromise. Some of the largest data breaches in 2018 are summarized, including breaches of Aadhaar and Facebook that exposed over 1 billion and 87 million records respectively. Common attack vectors and frameworks for implementing database security are referenced. Finally, the document outlines a methodology for implementing proven database security practices around inventory, testing, compliance, eliminating vulnerabilities, enforcing least privileges, monitoring for anomalies, data protection, backup plans, and responding to incidents.

Technology
1 of 28
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Biznet Gio Presentation - Database Security
Yusuf Hadiwinata Sutandar Linux Geek, Opensource Enthusiast, Security Hobbies RHCT, RHCSAv5-v7,RHCEv5-v7,RHCVA, RHCI, RHCX, RHCSA-RHOS,RHCJA,CEI, CEH, CHFI, CND, EDRP, CCNA, MCTCNA, Security+, Network+, VCA, vExpert 2017-2018 Senior Operation Manager Technology
Key-Service For Your Business
Key-Service For Your Business What Is Database Security? Database security, under the umbrella of information security, protects the confidentiality, integrity and availability of an organization’s databases.
Key-Service For Your Business Importance of Database Security and Integrity Database security is more than just important: it is essential to any company with any online component. Sufficient database security prevents data bring lost or compromised, which may have serious ramifications for the company both in terms of finances and reputation
Key-Service For Your Business Biggest Data Breaches of 2018 Aadhaar (Kemendagri India) 1.1 billion records breached Date disclosed: January 3, 2018 Facebook (sosmed) At least 87 million records breached Date disclosed: March 17, 2018 The Oregon Clinic (healtcare) Records affected: 64,487 The most affected industries in 2017 (by number of breaches) https://www.medcareernews.com/top-industries-affected-data-leaks-2017/
Key-Service For Your Business Data Breaches of 2018 Map http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Key-Service For Your Business Most Common Attack Vector https://www.sophos.com/en-us/medialibrary/pdfs/other/apt-infographic.pdf?cmp=70130000001xIObAAM
Key-Service For Your Business Enterprise Security Framework Source: Oracle Security In Depth Reference Architecture
Key-Service For Your Business Database Security Conceptual View Source: Oracle Security In Depth Reference Architecture
Key-Service For Your Business Data Security Logical Architecture View Source: Oracle Security In Depth Reference Architecture
Key-Service For Your Business The Methodology for Proven Database Security Leverage Biznet Manage Services Provider to secure cloud database investment
Key-Service For Your Business Inventory • Discover, classify and prioritize the databases containing your valuable information whether cloud based or on-premise • Discover, Track and Manage Your SQL Server Inventory • Manage known databases on your network and in the cloud; discover unknown databases outside the scope of current compliance controls
Key-Service For Your Business Inventory
Key-Service For Your Business Testing • Define and manage security standards and compliance policies to be used to assess database security posture • Schedule or run ad-hoc job-based assessments to quantify cloud based or on-premise database adherence to selected policies
Key-Service For Your Business Compliance and Certifications
Key-Service For Your Business Compliance Enablement Logical Architecture Source: Oracle Security In Depth Reference Architecture
Key-Service For Your Business Eliminate Vulnerabilities • Fix potentially harmful password configurations, table access grants, user roles and other vulnerable areas identified in assessment of database assets. • Conduct regular and continuous assessments to identify issues and ensure that they are remediated in a timely manner.
Key-Service For Your Business Enforce Least Privileges • Ensure employees and applications have only the rights needed to do their jobs • Understand who has access to what data and how they’ve been granted that access Key Point: Analyze membership to powerful server roles and groups such as administrators, systems administrators, and security administrators to ensure the level of access is warranted. From a group, see the list of group members and select a member for further analysis. From a user, see the group memberships and drill upwards to view inherited permissions.
Key-Service For Your Business Monitor for Anomalies • Inspect database access and activities for policy violations and attempted attacks • Audit actions of known privileged users as well as administrative activity
Key-Service For Your Business Fraud Detection Logical Architecture View Source: Oracle Security In Depth Reference Architecture
Key-Service For Your Business Protecting • Deploy policy-based Activity Monitoring to create an easily managed set of actionable security and compliance alerts. • Transparent Data Encryption (TDE) to protect sensitive data • Database Firewall acts as the first line of defense for databases, helping prevent internal and external attacks from reaching the database
Key-Service For Your Business DR / Backup Plan - Multiple Data Center Cloud Provider providing Multi Region Provide higher Avaibility to Database
Key-Service For Your Business No Bandwidth Hassle
Key-Service For Your Business Respond to Incident Audit and Respond to suspicious activity and policy violations in real time • Send an alert to IT Security to prompt further investigation. • Notify the SIEM system to correlate database activity with web application logs. • Initiate a malware scan to remove any injected code. • Lockout the user’s account to prevent further attempts to access sensitive data.
Key-Service For Your Business Peace of Mind
Key-Service For Your Business Question and Answer
Key-Service For Your Business Key-Service For Your Business www.biznetgiocloud.com PT. Biznet Gio Nusantara MidPlaza 1, 7th Floor Jl. Jend Sudirman Kav. 10-11 Jakarta 10220 – Indonesia

More Related Content

PDF
Biznet Gio Presentation - Cloud Computing
Yusuf Hadiwinata Sutandar
 
PDF
Protecting National Critical Infrastructure Asiangames 2018
Yusuf Hadiwinata Sutandar
 
PPTX
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
PDF
Workshop on CASB Part 2
Priyanka Aash
 
PDF
ECS: Delivering Better Cyber Intelligence and Compliance
Elasticsearch
 
PPSX
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
centralohioissa
 
PPTX
Security and governance in the cloud
Julian Knight
 
PPTX
Security As A Service In Cloud(SECaaS)
أحلام انصارى
 
Biznet Gio Presentation - Cloud Computing
Yusuf Hadiwinata Sutandar
 
Protecting National Critical Infrastructure Asiangames 2018
Yusuf Hadiwinata Sutandar
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
Workshop on CASB Part 2
Priyanka Aash
 
ECS: Delivering Better Cyber Intelligence and Compliance
Elasticsearch
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
centralohioissa
 
Security and governance in the cloud
Julian Knight
 
Security As A Service In Cloud(SECaaS)
أحلام انصارى
 

What's hot (19)

PPTX
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
Perimeter 81
 
PPTX
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan Singh
 
PDF
63 Requirements for CASB
Kyle Watson
 
PDF
Take It to the Cloud: The Evolution of Security Architecture
Priyanka Aash
 
PDF
CSA Introduction 2013 David Ross
Graeme Wood
 
PPTX
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Himani Singh
 
PDF
Thin Air or Solid Ground? Practical Cloud Security
Dan Fitzgerald, CISSP, CIPM
 
PDF
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera Technologies
 
PDF
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
Priyanka Aash
 
PPTX
Rethinking Cybersecurity for the Digital Transformation Era
Zscaler
 
PDF
CSA Standards Development Summary
CloudSecurityAllianceAustralia
 
PPTX
The evolution of IT in a cloud world
Zscaler
 
PPTX
Secure your M365 resources using Azure AD Identity Governance
Vignesh Ganesan I Microsoft MVP
 
PPTX
Secure your cloud applications by building solid foundations with enterprise ...
Vladimir Jirasek
 
PDF
Implementing zero trust architecture in azure hybrid cloud
Ajit Bhingarkar
 
PDF
Using Data Science for Cybersecurity
VMware Tanzu
 
PPTX
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
centralohioissa
 
PDF
CASB — Your new best friend for safe cloud adoption?
Digital Transformation EXPO Event Series
 
PPTX
NIST Cybersecurity Framework (CSF) on the Public Cloud
CloudHesive
 
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
Perimeter 81
 
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan Singh
 
63 Requirements for CASB
Kyle Watson
 
Take It to the Cloud: The Evolution of Security Architecture
Priyanka Aash
 
CSA Introduction 2013 David Ross
Graeme Wood
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Himani Singh
 
Thin Air or Solid Ground? Practical Cloud Security
Dan Fitzgerald, CISSP, CIPM
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera Technologies
 
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
Priyanka Aash
 
Rethinking Cybersecurity for the Digital Transformation Era
Zscaler
 
CSA Standards Development Summary
CloudSecurityAllianceAustralia
 
The evolution of IT in a cloud world
Zscaler
 
Secure your M365 resources using Azure AD Identity Governance
Vignesh Ganesan I Microsoft MVP
 
Secure your cloud applications by building solid foundations with enterprise ...
Vladimir Jirasek
 
Implementing zero trust architecture in azure hybrid cloud
Ajit Bhingarkar
 
Using Data Science for Cybersecurity
VMware Tanzu
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
centralohioissa
 
CASB — Your new best friend for safe cloud adoption?
Digital Transformation EXPO Event Series
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
CloudHesive
 
Ad

Similar to Biznet Gio Presentation - Database Security (20)

PPTX
Make your Azure PaaS Deployment More Safe
Thuan Ng
 
PPTX
Data Leakage Prevention
Microsoft TechNet - Belgium and Luxembourg
 
PPTX
Modern Data Security for the Enterprises – SQL Server & Azure SQL Database
WinWire Technologies Inc
 
PDF
ALTR Company Overview 2023
Kim Cook
 
PPTX
Breakdown of Microsoft Purview Solutions
Drew Madelung
 
PPTX
Aligning Application Security to Compliance
Security Innovation
 
PDF
2022 Trends in Enterprise Analytics
DATAVERSITY
 
PPTX
I am sharing 'Unit-2' with youuuuuu.PPTX
padhaipadhai639
 
PPTX
ISS CAPSTONE TEAM
Jonathan Fuller
 
PPTX
3. Cloud-Infrastructure-and-Entitlements-Management.pptx
Bert Blevins
 
PPTX
Security Architecture Best Practices for SaaS Applications
Techcello
 
PPTX
SMAC - Social, Mobile, Analytics and Cloud - An overview
Rajesh Menon
 
PPTX
B2 - The History of Content Security: Part 2 - Adam Levithan
SPS Paris
 
PDF
SECURING THE CLOUD DATA LAKES
Happiest Minds Technologies
 
PPTX
13 April 2015 DC-Salesservice power.pptx
Arjun Kumar Marya
 
PPTX
Emerging IT Trends and Innovation Concepts.pptx
Roshni814224
 
PDF
MSFT Cloud Architecture Information Protection
Kesavan Munuswamy
 
PDF
ppt-security-dbsat-222-overview-nodemo.pdf
camyla81
 
PDF
Data Services Marketplace
Denodo
 
PPTX
ExpertsLive NL 2022 - Microsoft Purview - What's in it for my organization?
Albert Hoitingh
 
Make your Azure PaaS Deployment More Safe
Thuan Ng
 
Data Leakage Prevention
Microsoft TechNet - Belgium and Luxembourg
 
Modern Data Security for the Enterprises – SQL Server & Azure SQL Database
WinWire Technologies Inc
 
ALTR Company Overview 2023
Kim Cook
 
Breakdown of Microsoft Purview Solutions
Drew Madelung
 
Aligning Application Security to Compliance
Security Innovation
 
2022 Trends in Enterprise Analytics
DATAVERSITY
 
I am sharing 'Unit-2' with youuuuuu.PPTX
padhaipadhai639
 
ISS CAPSTONE TEAM
Jonathan Fuller
 
3. Cloud-Infrastructure-and-Entitlements-Management.pptx
Bert Blevins
 
Security Architecture Best Practices for SaaS Applications
Techcello
 
SMAC - Social, Mobile, Analytics and Cloud - An overview
Rajesh Menon
 
B2 - The History of Content Security: Part 2 - Adam Levithan
SPS Paris
 
SECURING THE CLOUD DATA LAKES
Happiest Minds Technologies
 
13 April 2015 DC-Salesservice power.pptx
Arjun Kumar Marya
 
Emerging IT Trends and Innovation Concepts.pptx
Roshni814224
 
MSFT Cloud Architecture Information Protection
Kesavan Munuswamy
 
ppt-security-dbsat-222-overview-nodemo.pdf
camyla81
 
Data Services Marketplace
Denodo
 
ExpertsLive NL 2022 - Microsoft Purview - What's in it for my organization?
Albert Hoitingh
 
Ad

More from Yusuf Hadiwinata Sutandar (20)

PDF
Varnish Enterprise Feature​ Migration From Varnish Cache​
Yusuf Hadiwinata Sutandar
 
PDF
Presentasi_Yusuf_Hadiwinata_Sutandar_PANDI_Berdaulat_Digital.pdf
Yusuf Hadiwinata Sutandar
 
PDF
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
Yusuf Hadiwinata Sutandar
 
PDF
How DevOps works in the Enterprise
Yusuf Hadiwinata Sutandar
 
PDF
Acronis Meet and Learn
Yusuf Hadiwinata Sutandar
 
PDF
BiznetGio Presentation Business Continuity
Yusuf Hadiwinata Sutandar
 
PDF
March of the Penguin - 31 years Linux Snapshot
Yusuf Hadiwinata Sutandar
 
PDF
Choose the Right Container Storage for Kubernetes
Yusuf Hadiwinata Sutandar
 
PDF
Biznet GIO National Seminar on Digital Forensics
Yusuf Hadiwinata Sutandar
 
PDF
PHPIDOL#80: Kubernetes 101 for PHP Developer. Yusuf Hadiwinata - VP Operation...
Yusuf Hadiwinata Sutandar
 
PDF
Kubernetes Jakarta Meetup 010 - Service Mesh Observability with Kiali
Yusuf Hadiwinata Sutandar
 
PDF
Devops Indonesia Presentation Monitoring Framework
Yusuf Hadiwinata Sutandar
 
PDF
Bssn book security awarness
Yusuf Hadiwinata Sutandar
 
PDF
Job vacancies cti group
Yusuf Hadiwinata Sutandar
 
PDF
Devops Indonesia - DevSecOps - The Open Source Way
Yusuf Hadiwinata Sutandar
 
PDF
Devops indonesia - The Future Container
Yusuf Hadiwinata Sutandar
 
PDF
Journey to the devops automation with docker kubernetes and openshift
Yusuf Hadiwinata Sutandar
 
PDF
War of Openstack Private Cloud Distribution
Yusuf Hadiwinata Sutandar
 
PDF
create auto scale jboss cluster with openshift
Yusuf Hadiwinata Sutandar
 
PDF
Docker handons-workshop-for-charity
Yusuf Hadiwinata Sutandar
 
Varnish Enterprise Feature​ Migration From Varnish Cache​
Yusuf Hadiwinata Sutandar
 
Presentasi_Yusuf_Hadiwinata_Sutandar_PANDI_Berdaulat_Digital.pdf
Yusuf Hadiwinata Sutandar
 
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
Yusuf Hadiwinata Sutandar
 
How DevOps works in the Enterprise
Yusuf Hadiwinata Sutandar
 
Acronis Meet and Learn
Yusuf Hadiwinata Sutandar
 
BiznetGio Presentation Business Continuity
Yusuf Hadiwinata Sutandar
 
March of the Penguin - 31 years Linux Snapshot
Yusuf Hadiwinata Sutandar
 
Choose the Right Container Storage for Kubernetes
Yusuf Hadiwinata Sutandar
 
Biznet GIO National Seminar on Digital Forensics
Yusuf Hadiwinata Sutandar
 
PHPIDOL#80: Kubernetes 101 for PHP Developer. Yusuf Hadiwinata - VP Operation...
Yusuf Hadiwinata Sutandar
 
Kubernetes Jakarta Meetup 010 - Service Mesh Observability with Kiali
Yusuf Hadiwinata Sutandar
 
Devops Indonesia Presentation Monitoring Framework
Yusuf Hadiwinata Sutandar
 
Bssn book security awarness
Yusuf Hadiwinata Sutandar
 
Job vacancies cti group
Yusuf Hadiwinata Sutandar
 
Devops Indonesia - DevSecOps - The Open Source Way
Yusuf Hadiwinata Sutandar
 
Devops indonesia - The Future Container
Yusuf Hadiwinata Sutandar
 
Journey to the devops automation with docker kubernetes and openshift
Yusuf Hadiwinata Sutandar
 
War of Openstack Private Cloud Distribution
Yusuf Hadiwinata Sutandar
 
create auto scale jboss cluster with openshift
Yusuf Hadiwinata Sutandar
 
Docker handons-workshop-for-charity
Yusuf Hadiwinata Sutandar
 

Recently uploaded (20)

PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
KodekX | Application Modernization Development
KodekX
 
Encapsulation theory and applications.pdf
gurumoop
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Cloud computing and distributed systems.
kkkkkhan
 
Approach and Philosophy of On baking technology
30anthuong17
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
A Presentation on Artificial Intelligence
memembruh336
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 

Biznet Gio Presentation - Database Security

  • 2. Yusuf Hadiwinata Sutandar Linux Geek, Opensource Enthusiast, Security Hobbies RHCT, RHCSAv5-v7,RHCEv5-v7,RHCVA, RHCI, RHCX, RHCSA-RHOS,RHCJA,CEI, CEH, CHFI, CND, EDRP, CCNA, MCTCNA, Security+, Network+, VCA, vExpert 2017-2018 Senior Operation Manager Technology
  • 4. Key-Service For Your Business What Is Database Security? Database security, under the umbrella of information security, protects the confidentiality, integrity and availability of an organization’s databases.
  • 5. Key-Service For Your Business Importance of Database Security and Integrity Database security is more than just important: it is essential to any company with any online component. Sufficient database security prevents data bring lost or compromised, which may have serious ramifications for the company both in terms of finances and reputation
  • 6. Key-Service For Your Business Biggest Data Breaches of 2018 Aadhaar (Kemendagri India) 1.1 billion records breached Date disclosed: January 3, 2018 Facebook (sosmed) At least 87 million records breached Date disclosed: March 17, 2018 The Oregon Clinic (healtcare) Records affected: 64,487 The most affected industries in 2017 (by number of breaches) https://www.medcareernews.com/top-industries-affected-data-leaks-2017/
  • 7. Key-Service For Your Business Data Breaches of 2018 Map http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
  • 8. Key-Service For Your Business Most Common Attack Vector https://www.sophos.com/en-us/medialibrary/pdfs/other/apt-infographic.pdf?cmp=70130000001xIObAAM
  • 9. Key-Service For Your Business Enterprise Security Framework Source: Oracle Security In Depth Reference Architecture
  • 10. Key-Service For Your Business Database Security Conceptual View Source: Oracle Security In Depth Reference Architecture
  • 11. Key-Service For Your Business Data Security Logical Architecture View Source: Oracle Security In Depth Reference Architecture
  • 12. Key-Service For Your Business The Methodology for Proven Database Security Leverage Biznet Manage Services Provider to secure cloud database investment
  • 13. Key-Service For Your Business Inventory • Discover, classify and prioritize the databases containing your valuable information whether cloud based or on-premise • Discover, Track and Manage Your SQL Server Inventory • Manage known databases on your network and in the cloud; discover unknown databases outside the scope of current compliance controls
  • 14. Key-Service For Your Business Inventory
  • 15. Key-Service For Your Business Testing • Define and manage security standards and compliance policies to be used to assess database security posture • Schedule or run ad-hoc job-based assessments to quantify cloud based or on-premise database adherence to selected policies
  • 16. Key-Service For Your Business Compliance and Certifications
  • 17. Key-Service For Your Business Compliance Enablement Logical Architecture Source: Oracle Security In Depth Reference Architecture
  • 18. Key-Service For Your Business Eliminate Vulnerabilities • Fix potentially harmful password configurations, table access grants, user roles and other vulnerable areas identified in assessment of database assets. • Conduct regular and continuous assessments to identify issues and ensure that they are remediated in a timely manner.
  • 19. Key-Service For Your Business Enforce Least Privileges • Ensure employees and applications have only the rights needed to do their jobs • Understand who has access to what data and how they’ve been granted that access Key Point: Analyze membership to powerful server roles and groups such as administrators, systems administrators, and security administrators to ensure the level of access is warranted. From a group, see the list of group members and select a member for further analysis. From a user, see the group memberships and drill upwards to view inherited permissions.
  • 20. Key-Service For Your Business Monitor for Anomalies • Inspect database access and activities for policy violations and attempted attacks • Audit actions of known privileged users as well as administrative activity
  • 21. Key-Service For Your Business Fraud Detection Logical Architecture View Source: Oracle Security In Depth Reference Architecture
  • 22. Key-Service For Your Business Protecting • Deploy policy-based Activity Monitoring to create an easily managed set of actionable security and compliance alerts. • Transparent Data Encryption (TDE) to protect sensitive data • Database Firewall acts as the first line of defense for databases, helping prevent internal and external attacks from reaching the database
  • 23. Key-Service For Your Business DR / Backup Plan - Multiple Data Center Cloud Provider providing Multi Region Provide higher Avaibility to Database
  • 24. Key-Service For Your Business No Bandwidth Hassle
  • 25. Key-Service For Your Business Respond to Incident Audit and Respond to suspicious activity and policy violations in real time • Send an alert to IT Security to prompt further investigation. • Notify the SIEM system to correlate database activity with web application logs. • Initiate a malware scan to remove any injected code. • Lockout the user’s account to prevent further attempts to access sensitive data.
  • 26. Key-Service For Your Business Peace of Mind
  • 27. Key-Service For Your Business Question and Answer
  • 28. Key-Service For Your Business Key-Service For Your Business www.biznetgiocloud.com PT. Biznet Gio Nusantara MidPlaza 1, 7th Floor Jl. Jend Sudirman Kav. 10-11 Jakarta 10220 – Indonesia