Re: PCI/SOX Datagase environment
- From: Sanjay Mishra <smishra_97@xxxxxxxxx>
- To: jobmiller@xxxxxxxxx, oracle-l@xxxxxxxxxxxxx
- Date: Thu, 6 May 2010 21:07:32 -0700 (PDT)
Thanks Job. Sometimes marketing team presents the stuff in such a way that
manager thinks that there are tools provided by oracle that can do all without
moving the environment. I never look to Oracle Data Masking Pack and will
surely check it
Sanjay
________________________________
From: Job Miller <jobmiller@xxxxxxxxx>
To: oracle-l@xxxxxxxxxxxxx; smishra_97@xxxxxxxxx
Sent: Thu, May 6, 2010 9:08:13 PM
Subject: Re: PCI/SOX Datagase environment
the Oracle Data Masking solution requires you "clone" production first because
it masks the data in the database.
You clone and mask in that order. if you masked first, you just scrambled your
production data.
<quote>
Unlike traditional masking processes that are typically slow, Oracle Data
Masking
Pack uses highly efficient parallelized bulk operations to replace the original
sensitive data with masked data. Because the entire data masking process is
done in
place, enterprises can be assured of a greater sense of security knowing that
the
sensitive data would never leave the database during the masking process.
</quote>
it is done in place, which means it operates on an already existing clone.
<quote>
Oracle Data Masking Pack is also integrated with Oracle Provisioning and Patch
Automation Pack in Oracle Enterprise Manager to clone-and-mask via a single
workflow. The secure high performance nature of Oracle Data Masking combined
with the end-to-end workflow ensures that enterprise can provision test systems
from production rapidly instead of days or weeks that it would with separate
manual
processes.
</quote>
maybe your security manager got confused by oracle marketing and thought secure
masking meant the data wasn't moved before masking. Oracle says it doesn't
require moving your data off to some other server to scrub it.. it does it "in
place" in the clone.
hope that helps.
Job
--- On Thu, 5/6/10, Sanjay Mishra <smishra_97@xxxxxxxxx> wrote:
>From: Sanjay Mishra <smishra_97@xxxxxxxxx>
>Subject: PCI/SOX Datagase environment
>To: oracle-l@xxxxxxxxxxxxx
>Date: Thursday, May 6, 2010, 5:25 PM
>
>
>Hi
>
>I had one PCI/Sox Oracle Ebusiness Suite environment. I had to refresh QA
>environment which was done few time earlier but due to new security Manager,
>he stopped and told that I can only be able to refresh if I can first Masked
>the data in Prod and then move the Data to QA and make sure the secure data is
>either not moved to scrumbled before moving to QA
>
>Data in Prod is already encrypted but he ask for some Oracle Solution to mask
>the data before moving to QA. I told that Data is already envrypted and I can
>do more required masking afer it is moved to QA and before handing to the
>user. But it is not acceptable and looking for Oracle Solution
>
>So I am sure several Great DBA in this group are in such kind of secure
>environemnt and want to know how it was handled.
>1. Is it possible to use any Oracle Security tool to make it happen in
>Production before moving the Db Backup to QA
>2. Any document provided by Oracle to handle such senario
>
>Any comments or Links is very appreciated
>
>
>TIA
>Sanjay
>
Other related posts:
