Secure Your Databases

Ensure that the database servers, network access to them, and the actual data are secure.

Control User and Network Access

Enterprise Architect, Security Architect, Data Architect

Use passwords, private subnets, and network security groups to control user and network access.
  • Ensure that the passwords used to authenticate to the database are strong.
  • Attach the DB systems to private subnets.

    A private subnet doesn’t have internet connectivity. You can use a NAT gateway for secured egress traffic and a service gateway to connect to backup endpoints (object storage).

  • Use network security groups or security lists to permit only the required network access to your DB systems.

Restrict Permissions for Deleting Database Resources

Enterprise Architect, Security Architect, Data Architect

To prevent inadvertent or malicious deletion of databases, grant the delete permissions (DATABASE_DELETE and DB_SYSTEM_DELETE) to a minimum set of users and groups.

The following IAM policy statements allow DB users to manage database systems, databases, and database homes. However, the condition on request.permission in each statement (for example, where request.permission!='DB_SYSTEM_DELETE') ensures that the DB users can't delete these resources.

Allow group DBUsers to manage db-systems in tenancy where request.permission!='DB_SYSTEM_DELETE'
Allow group DBUsers to manage databases in tenancy where request.permission!='DATABASE_DELETE'
Allow group DBUsers to manage db-homes in tenancy where request.permission!='DB_HOME_DELETE'
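
The following Python check is an added example, not part of the original page or of Oracle's tooling. It parses policy statements of the form shown above and reports any group that is granted manage on db-systems, databases, or db-homes without the matching delete permission excluded. The sample statements beyond the page's three, the group names DBOperators and DBAdmins, and the delete_admins parameter are constructed for illustration, and the check assumes the delete permissions are granted only through the manage verb.

```python
import re

# Delete permission to exclude per resource type (names taken from the page).
DELETE_PERMISSION = {
    "db-systems": "DB_SYSTEM_DELETE",
    "databases": "DATABASE_DELETE",
    "db-homes": "DB_HOME_DELETE",
}
STATEMENT = re.compile(
    r"^\s*allow\s+group\s+(?P<group>\S+)\s+to\s+(?P<verb>\w+)\s+(?P<resource>[\w-]+)"
    r"\s+in\s+(?P<scope>.+?)(?:\s+where\s+(?P<cond>.+))?\s*$",
    re.IGNORECASE,
)

def excludes(cond, permission):
    """True if the where clause contains request.permission!='<permission>'."""
    pattern = r"request\.permission\s*!=\s*'" + re.escape(permission) + "'"
    return bool(cond) and re.search(pattern, cond) is not None

def audit(statements, delete_admins=frozenset()):
    """Return (statement, reason) for each grant that still allows deletion."""
    findings = []
    for line in statements:
        m = STATEMENT.match(line)
        if not m:
            findings.append((line, "unparsed statement, review manually"))
            continue
        permission = DELETE_PERMISSION.get(m["resource"].lower())
        if permission is None or m["verb"].lower() != "manage":
            continue  # assumption: only 'manage' carries the delete permissions
        if m["group"] in delete_admins:
            continue  # the minimum set of groups allowed to delete
        if not excludes(m["cond"], permission):
            findings.append((line, f"{m['group']} may delete {m['resource']}: {permission} not excluded"))
    return findings

# Constructed sample: the page's three statements plus three hypothetical ones.
SAMPLE = [
    "Allow group DBUsers to manage db-systems in tenancy where request.permission!='DB_SYSTEM_DELETE'",
    "Allow group DBUsers to manage databases in tenancy where request.permission!='DATABASE_DELETE'",
    "Allow group DBUsers to manage db-homes in tenancy where request.permission!='DB_HOME_DELETE'",
    "Allow group DBOperators to manage databases in compartment Prod",
    "Allow group DBOperators to manage db-systems in tenancy where request.permission!='DATABASE_DELETE'",
    "Allow group DBAdmins to manage db-homes in tenancy",
]
if __name__ == "__main__":
    for statement, reason in audit(SAMPLE, delete_admins={"DBAdmins"}):
        print(f"{reason}\n    {statement}")
```

The fifth sample statement is flagged because it excludes DATABASE_DELETE on a db-systems grant, which leaves DB_SYSTEM_DELETE available to the group.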

Encrypt Data

Enterprise Architect, Security Architect, Data Architect

All databases created in Oracle Cloud Infrastructure are encrypted using transparent data encryption (TDE). Ensure that any migrated databases are also encrypted.
Periodically rotate the TDE master key. The recommended rotation period is 90 days or less.

Secure and Manage Keys

Enterprise Architect, Security Architect, Data Architect

Use Transparent Data Encryption (TDE) to secure and manage keys.

TDE is a feature of Oracle Database used to encrypt sensitive data. For more complex setups and for larger organisations, centralised key management is needed, because managing encryption keys across different databases, applications, and servers can be a complex task. Centralised key management simplifies this by providing a unified platform where all cryptographic keys, Oracle Wallets, Java Keystores, and other secrets can be securely stored and managed. This centralisation reduces administrative overhead, improves security posture, and ensures consistent key management practices across the enterprise.

Apply Security Patches

Enterprise Architect, Security Architect, Data Architect

Apply Oracle Database security patches (Oracle Critical Patch Updates) to mitigate known security issues, and keep the patches up-to-date.

Use DB Security Tools

Enterprise Architect, Security Architect, Data Architect

The Oracle Database Security Assessment Tool provides automated security configuration checks of Oracle databases in Oracle Cloud Infrastructure. Oracle Audit Vault and Database Firewall (AVDF) monitors database audit logs and creates alerts.

Enable Data Safe

Enterprise Architect, Security Architect, Data Architect

Data Safe is a unified control center for Oracle cloud and on-premises databases. Use Data Safe to assess database and data security configuration, detect associated risk for user accounts, identify existing sensitive data, implement controls to protect data, and audit user activity.
  • Extend Data Safe audit retention policy to one year.
  • Mask data identified as sensitive by Data Discovery.
  • Use Security Assessment to identify recommended security controls by Center for Internet Security (CIS), General Data Protection Regulation (GDPR), and Department of Defense library of Security Technical Implementation Guides (STIG).
  • Set up alerts for key events in Data Safe Activity Auditing.

Enable Private Endpoints for Autonomous Databases

Enterprise Architect, Security Architect, Data Architect

When possible, use private endpoints with Oracle Autonomous Database.

A private endpoint is used to eliminate public access to shared autonomous databases. All traffic for the database remains private using a VCN in Oracle Cloud Infrastructure without the need for transit routing or use of a service gateway.
  • Use a dedicated private subnet when defining Private Endpoints.
  • For the Private Endpoint Network Security Group, define a stateless Ingress Rule with Protocol TCP and Destination Port equal to the Database Listener Port. Restrict the source CIDR to only the subnets or, for on-premises access, the Dynamic Routing Gateways (DRGs) that are allowed access.
  • For the Private Endpoint Network Security Group, define a stateless Egress Rule with Protocol TCP. Restrict the destination CIDR to only the subnets or, for on-premises access, the DRGs that are allowed access.
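
The following Python check is an added example, not part of the original page or of Oracle's tooling. It validates a set of Network Security Group rules against the guidance above. The rule dictionaries and their field names are a hypothetical simplified representation rather than the OCI API schema, and the listener port 1521 and the CIDRs are constructed sample values.

```python
import ipaddress

def within(net, candidates):
    """True if net lies inside at least one network in candidates."""
    return any(net.version == c.version and net.subnet_of(c) for c in candidates)

def check_private_endpoint_rules(rules, listener_port, allowed_cidrs):
    """Return (rule_index, problem) pairs for rules that break the guidance."""
    allowed = [ipaddress.ip_network(c) for c in allowed_cidrs]
    egress_peers = [ipaddress.ip_network(r["cidr"]) for r in rules
                    if r["direction"] == "EGRESS"]
    problems = []
    for i, rule in enumerate(rules):
        peer = ipaddress.ip_network(rule["cidr"])
        if rule["protocol"] != "TCP":
            problems.append((i, "protocol is not TCP"))
        if not rule["stateless"]:
            problems.append((i, "rule is stateful"))
        if not within(peer, allowed):
            problems.append((i, "peer CIDR is outside the allowed subnets"))
        if rule["direction"] == "INGRESS":
            ports = (rule.get("port_min"), rule.get("port_max"))
            if ports != (listener_port, listener_port):
                problems.append((i, "destination port is not the listener port"))
            # Stateless rules do not track connections, so replies need
            # an explicit egress rule that covers the same peer.
            if not within(peer, egress_peers):
                problems.append((i, "no egress rule for return traffic"))
    return problems

# Constructed sample rules (hypothetical field names, illustrative values).
GOOD = [
    {"direction": "INGRESS", "protocol": "TCP", "stateless": True,
     "cidr": "10.0.1.0/24", "port_min": 1521, "port_max": 1521},
    {"direction": "EGRESS", "protocol": "TCP", "stateless": True,
     "cidr": "10.0.1.0/24"},
]
BAD = [
    {"direction": "INGRESS", "protocol": "TCP", "stateless": False,
     "cidr": "0.0.0.0/0", "port_min": 1, "port_max": 65535},
]
ALLOWED = ["10.0.1.0/24", "172.16.0.0/16"]

if __name__ == "__main__":
    for name, rules in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_private_endpoint_rules(rules, 1521, ALLOWED))
```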

Implement Oracle Database Maximum Security Architecture

Oracle's Maximum Security Architecture provides a robust framework for protecting sensitive data in databases. It offers a comprehensive approach to database security, focusing on three critical areas: assess, detect, and prevent. By assessing the current state of the database, organizations can identify vulnerabilities and weaknesses that might be exploited by attackers. This involves evaluating the database configuration, user access controls, and data protection measures.

Detecting inappropriate or unauthorized access attempts is the next crucial layer of defense. Oracle's advanced auditing capabilities enable organizations to monitor database activities, identify suspicious behavior, and respond promptly to potential threats. By setting up alerts and monitoring key database events, administrators can detect and mitigate attacks before they cause significant damage.

Preventing unauthorized access to data is the final fortress in Oracle's security architecture. This includes implementing strong authentication mechanisms, access control lists, and encryption techniques. By segregating duties, using least privilege principles, and employing virtual private databases, organizations can ensure that only authorized users can access sensitive data, thereby preventing unauthorized modifications or disclosures.