Target Database Information Stored in Oracle Data Safe

As an Oracle Data Safe service consumer, you control what data is retrieved and stored by Oracle Data Safe.

Typical types of data are:

• Audit data and metadata about database users, including username, privileges and role assignments - If configured to do so, Oracle Data Safe collects audit data and user metadata from the target databases for analysis, alerting, and reporting.

• Metadata about audit policies - If configured to do so, Oracle Data Safe collects information about unified audit policies within the database, including the policy name, policy condition, and policy state (enabled/disabled).

• Metadata about the database's security configuration, including users and their privileges - If configured to do so, Oracle Data Safe collects configuration information from the database to identify areas where the configuration does not match common practices or may introduce additional risk, or where security features are not enabled.

• Metadata about database users, including username, privileges and role assignments, and account status - If configured to do so, Oracle Data Safe collects information about users to assess user risk.

• Metadata about data stored within the database - If configured to do so, Oracle Data Safe scans the target database for sensitive data and retrieves the schema, table, and column names, as well as the number of rows of data involved. The database schema names, table names, and column names are collected within Oracle Data Safe and associated with the appropriate sensitive data type.

• Metadata about database structures - If configured to do so, Oracle Data Safe masks sensitive data within the database. As part of that operation, Oracle Data Safe collects information about table structures, including primary and foreign key relationships, column names and data types, and the names and types of indexes.

• Data - During the data discovery process, users can select “Collect, display, and store sample data.” Enabling this option will retrieve and store one (1) sample value for each discovered item of sensitive data to assist Oracle Data Safe users in validating the discovery results. This option is turned off by default. Oracle Data Safe automatically deletes the collected sample data when the user deletes the sensitive data model.

• Metadata about the database - To provide supported features, Oracle Data Safe collects metadata about the database, including database edition and version.

• Database connection details, including database credentials - When a database is registered in Oracle Data Safe, Oracle Data Safe collects database connection details and the Oracle Data Safe database account credentials, as provided through user inputs, to be able to access the database and provide the Oracle Data Safe features.

Oracle Data Safe is a multi-tenant service running in a service tenancy owned by Oracle. Service data associated with the instance is stored in a back-end Oracle Autonomous AI Database Serverless database that’s dedicated to the customer and region and is isolated from other customers’ instances. For more information, refer to the Privacy and Security Feature Guidance for Oracle Autonomous AI Database Serverless available on My Oracle Support (Doc ID 114.2).