Re: PCI/SOX Datagase environment

• From: Job Miller <jobmiller@xxxxxxxxx>
• To: oracle-l@xxxxxxxxxxxxx, smishra_97@xxxxxxxxx
• Date: Thu, 6 May 2010 18:08:13 -0700 (PDT)

the Oracle Data Masking solution requires you "clone" production first because 
it masks the data in the database.

You clone and mask in that order.  if you masked first, you just scrambled your 
production data.

<quote>

Unlike traditional masking processes that are typically slow, Oracle Data 
Masking
Pack uses highly efficient parallelized bulk operations to replace the original
sensitive data with masked data. Because the entire data masking process is 
done in
place, enterprises can be assured of a greater sense of security knowing that 
the
sensitive data would never leave the database during the masking process.

</quote>

it is done in place, which means it operates on an already existing clone.

<quote>
Oracle Data Masking Pack is also integrated with Oracle Provisioning and Patch
Automation Pack in Oracle Enterprise Manager to clone-and-mask via a single
workflow. The secure high performance nature of Oracle Data Masking combined
with the end-to-end workflow ensures that enterprise can provision test systems
from production rapidly instead of days or weeks that it would with separate 
manual
processes.
</quote>

maybe your security manager got confused by oracle marketing and thought secure 
masking meant the data wasn't moved before masking.  Oracle says it doesn't 
require moving your data off to some other server to scrub it.. it does it "in 
place" in the clone.

hope that helps.

Job





--- On Thu, 5/6/10, Sanjay Mishra <smishra_97@xxxxxxxxx> wrote:

From: Sanjay Mishra <smishra_97@xxxxxxxxx>
Subject: PCI/SOX Datagase environment
To: oracle-l@xxxxxxxxxxxxx
Date: Thursday, May 6, 2010, 5:25 PM

Hi
 
I had one PCI/Sox Oracle Ebusiness Suite environment. I had to refresh QA 
environment which was done few time earlier but due to new security Manager, he 
stopped and told that I can only be able to refresh if I can first Masked the 
data in Prod and then move the Data to QA and make sure the secure data is 
either not moved to scrumbled before moving to QA
 
Data in Prod is already encrypted but he ask for some Oracle Solution to mask 
the data before moving to QA. I told that Data is already envrypted and I can 
do more required masking afer it is moved to QA and before handing to the user. 
But it is not acceptable and looking for Oracle Solution
 
So I am sure several Great DBA in this group are in such kind of secure 
environemnt and want to know how it was handled.
1.  Is it possible to use any Oracle Security tool to make it happen in 
Production before moving the Db Backup to QA
2. Any document provided by Oracle to handle such senario
 
Any comments or Links is very appreciated
 
 
TIA
Sanjay








      


      

• Follow-Ups:
  • Re: PCI/SOX Datagase environment
    • From: Sanjay Mishra

• References:
  • PCI/SOX Datagase environment
    • From: Sanjay Mishra

Other related posts:

• » PCI/SOX Datagase environment- Sanjay Mishra
• » Re: PCI/SOX Datagase environment - Job Miller
• » Re: PCI/SOX Datagase environment- Job Miller
• » Re: PCI/SOX Datagase environment- Sanjay Mishra
• » Re: PCI/SOX Datagase environment- Sanjay Mishra

1. Home
2. oracle-l
3. Archive
4. 05-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---