1. Getting Started with Oracle Enterprise Performance Management Cloud for Administrators
  2. Securing EPM Cloud
  3. Understanding EPM Cloud Security Compliance Features
  4. Data Encryption Using Transparent Data Encryption

Data Encryption Using Transparent Data Encryption

To satisfy the requirement of encryption of data-at-rest, Oracle Enterprise Performance Management Cloud uses Transparent Data Encryption (TDE) to encrypt all data at the tablespace level. Each tablspace has its own encryption key.

Encryption keys are encrypted using a master key. The master key is encrypted using AES-256 encryption and is rotated regularly. In Classic environments, the master key is stored in an Oracle Wallet. In OCI (Gen 2) environments, it is stored in a Hardware Security Module (HSM) for additional security.

In OCI (Gen 2) environments, tablespace is also encrypted using AES-256 encryption.