Re: Oracle TDE Question

  • From: Hans Forbrich <fuzzy.graybeard@xxxxxxxxx>
  • To: oracle-l@xxxxxxxxxxxxx
  • Date: Thu, 25 Feb 2016 10:45:05 -0700

Many applications have significant numbers of code/value lookup tables.

Many applications, especially 3-tier applications, do validation using those lookup tables.

In many cases those code tables are not sensitive.

Unless appropriate caching is used (keep cache), bashing against encrypted storage introduce unnecessary overhead.

I totally agree when you talk about 'business-generated' data. But the list of countries, states, cities ...?

/Hans

On 25/02/2016 10:13 AM, Powell, Mark wrote:


I am of the opinion that if you buy TDE you should use probably use it on all tablespaces. When you really consider it most business data is sensitive. Most of the data may not need access within the company restricted, but you would not want your competition or a hacker to have access so encrypting the disk version makes business sense.

Make sure management and developers understand use of TDE in no way excuses lack of control of the object level privileges.

*From:*oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] *On Behalf Of *MJ Mody
*Sent:* Thursday, February 25, 2016 9:58 AM
*To:* christopherdtaylor1994@xxxxxxxxx
*Cc:* oracle-l@xxxxxxxxxxxxx
*Subject:* Re: Oracle TDE Question

A valid question here is if your organization has previously gone through the exercise of identifying PII. Should this be the case than it is known which objects should utilize the encrypted tablespaces.

In interest of time, is it prudent to enable TDE on all tablespaces?

That said overall overhead Oracle says is 6%-8% with TDE.


On Feb 25, 2016, at 7:54 AM, Chris Taylor <christopherdtaylor1994@xxxxxxxxx <mailto:christopherdtaylor1994@xxxxxxxxx>> wrote:

    I think I know the answer to this question, but want to confirm
    for completeness.

    When you use Oracle TDE (with the appropriate licenses of course),
    is it supported to have both non-encrypted tablespaces and
    encrypted tablespaces in the same database, correct?

    If it's not I'd be surprised but wanted to confirm.

    Thanks!

    Chris Taylor


Other related posts: