Hi Sallie,
"What Jeff said" for your solution. TDE and obfuscation is the most modern
and reliable choice for your Oracle database challenge if you want to stay
with an Oracle product. There are other products on the market that can do
this as well.
*Kellyn Pot'Vin-Gorman*
DBAKevlar Blog <http://dbakevlar.com>
about.me/dbakevlar
On Tue, Mar 17, 2020 at 9:25 AM Jeffrey Beckstrom <jbeckstrom@xxxxxxxxx>
wrote:
Transparent Data Encryption will encrypt the data at rest (on disk). If
you want to encrypt it in memory as well then you would need to use the
DBMS_OBFUSCATION package to encrypt and decrpt the data in your sql.
Jeffrey Beckstrom
Lead Database Administrator
Information Technology Department
Greater Cleveland Regional Transit Authority
1240 W. 6th Street
Cleveland, Ohio 44113
Hi, Sallie - in my last “real” DBA job, before I moved to Quest and"Clay Jackson (cjackson)" <Clay.Jackson@xxxxxxxxx> 3/17/20 12:11 PM
started doing Sales Engineering stuff; we used Virtual Private Database for
just exactly the same type of thing you outlined.
We had one column in one table that contained a Tax ID number, and needed
to protect it. VPD was the easiest solution for us.
I might have some examples, or be able to come up with something when I’m
back in my (home) office later today.
At least then (Oracle 11), it did require Advanced Security.
Sent from my iPhone
Clay Jackson
Quest Software
On Mar 17, 2020, at 7:30 AM, Sallie Cottingham <
Sallie.Cottingham@xxxxxxxxxx> wrote:
CAUTION: This email originated from outside of the organization. Do not
follow guidance, click links, or open attachments unless you recognize the
sender and know the content is safe.
What are your thoughts/experiences with encryption?
We have one very old database that stores SSN in several tables (did I say
it is old and definitely not normalized?). The system is currently being
rewritten but in the meantime, we are looking to see Oracle options for
encryption. In your experiences how have you handled just one element
encryption or one element in several locations?
I’m also assuming this will require an additional license – is that
correct?
*Sallie Cottingham*
Database Administrator
Comptroller of the Treasury
Technology Solutions
425 Fifth Avenue North
Nashville, TN 37243-34001
*sallie.Cottingham@xxxxxxxxxx <sallie.Cottingham@xxxxxxxxxx>*
615-401-7962
<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3D2LIbXg4PBUmsyXNR-FBv9vKJmJb3wIJGtlfwguW_b_tUOENWVkxEUUZOT0pHS00xSk1NVzZZSDBVRy4u&data=02%7C01%7Cclay.jackson%40quest.com%7C87f172e4b6534957b4c808d7ca7fb028%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637200522078453373&sdata=jWLSIC%2Ft6LMjQugQxAlTRGXjkzXIDiQnB5k9dk%2BMfmE%3D&reserved=0>
<image001.png>
<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3D2LIbXg4PBUmsyXNR-FBv9vKJmJb3wIJGtlfwguW_b_tUOENWVkxEUUZOT0pHS00xSk1NVzZZSDBVRy4u&data=02%7C01%7Cclay.jackson%40quest.com%7C87f172e4b6534957b4c808d7ca7fb028%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637200522078453373&sdata=jWLSIC%2Ft6LMjQugQxAlTRGXjkzXIDiQnB5k9dk%2BMfmE%3D&reserved=0>
