Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "New GDPR Book and the Oracle Database"] [Next entry: "Securing Data in Oracle Databases"]

GDPR and Oracle Database

I wrote a short blog post last week regarding GDPR and the Oracle database and discussed at a high level the main articles that could affect your security plans for an Oracle database.

As I said last week GDPR Speaksto users of Oracle that data security matters, data security should be by default and data security should be always enabled. It also Speaks of the need to have useful and usable audit trails so that if you are breached; ideally you know straight away and either block it and stop it or stop it and react as close to the event as possible BUT if you have decent audit trails you can know how the breach happened and how the attacker got in and of course plug the gaps.

If you have a good data security regime and have planned and implemented it and you have found all important (in the case of GDPR PII) data and protected it with pseudonymisation or encryption then the impact should be less - I am not the ICO or a lawyer so cannot speak for them BUT for sure if you don't have data security or an audit trail or encryption and don't know where your data is and record how its accessed and used (audit trails) then you will have a big problem with GDPR

I did a talk a couple of times in the past about GDPR and Oracle and the slides are here - GDPR for the Oracle DBA.

#oracleace #23c #dbsec #oracle #database #security #gdpr