Abstract image of a woman sitting on books and studying on a laptop

Biznet Gio Presentation - Database Security

Yusuf Hadiwinata Sutandar, profile picture
Yusuf Hadiwinata Sutandar

This document provides information on database security. It discusses how database security protects confidentiality, integrity and availability of databases. It also discusses the importance of database security to prevent data loss or compromise. Some of the largest data breaches in 2018 are summarized, including breaches of Aadhaar and Facebook that exposed over 1 billion and 87 million records respectively. Common attack vectors and frameworks for implementing database security are referenced. Finally, the document outlines a methodology for implementing proven database security practices around inventory, testing, compliance, eliminating vulnerabilities, enforcing least privileges, monitoring for anomalies, data protection, backup plans, and responding to incidents.

Technology
1 of 28
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Biznet Gio Presentation - Database Security
Yusuf Hadiwinata Sutandar Linux Geek, Opensource Enthusiast, Security Hobbies RHCT, RHCSAv5-v7,RHCEv5-v7,RHCVA, RHCI, RHCX, RHCSA-RHOS,RHCJA,CEI, CEH, CHFI, CND, EDRP, CCNA, MCTCNA, Security+, Network+, VCA, vExpert 2017-2018 Senior Operation Manager Technology
Key-Service For Your Business
Key-Service For Your Business What Is Database Security? Database security, under the umbrella of information security, protects the confidentiality, integrity and availability of an organization’s databases.
Key-Service For Your Business Importance of Database Security and Integrity Database security is more than just important: it is essential to any company with any online component. Sufficient database security prevents data bring lost or compromised, which may have serious ramifications for the company both in terms of finances and reputation
Key-Service For Your Business Biggest Data Breaches of 2018 Aadhaar (Kemendagri India) 1.1 billion records breached Date disclosed: January 3, 2018 Facebook (sosmed) At least 87 million records breached Date disclosed: March 17, 2018 The Oregon Clinic (healtcare) Records affected: 64,487 The most affected industries in 2017 (by number of breaches) https://www.medcareernews.com/top-industries-affected-data-leaks-2017/
Key-Service For Your Business Data Breaches of 2018 Map http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Key-Service For Your Business Most Common Attack Vector https://www.sophos.com/en-us/medialibrary/pdfs/other/apt-infographic.pdf?cmp=70130000001xIObAAM
Key-Service For Your Business Enterprise Security Framework Source: Oracle Security In Depth Reference Architecture
Key-Service For Your Business Database Security Conceptual View Source: Oracle Security In Depth Reference Architecture
Key-Service For Your Business Data Security Logical Architecture View Source: Oracle Security In Depth Reference Architecture
Key-Service For Your Business The Methodology for Proven Database Security Leverage Biznet Manage Services Provider to secure cloud database investment
Key-Service For Your Business Inventory • Discover, classify and prioritize the databases containing your valuable information whether cloud based or on-premise • Discover, Track and Manage Your SQL Server Inventory • Manage known databases on your network and in the cloud; discover unknown databases outside the scope of current compliance controls
Key-Service For Your Business Inventory
Key-Service For Your Business Testing • Define and manage security standards and compliance policies to be used to assess database security posture • Schedule or run ad-hoc job-based assessments to quantify cloud based or on-premise database adherence to selected policies
Key-Service For Your Business Compliance and Certifications
Key-Service For Your Business Compliance Enablement Logical Architecture Source: Oracle Security In Depth Reference Architecture
Key-Service For Your Business Eliminate Vulnerabilities • Fix potentially harmful password configurations, table access grants, user roles and other vulnerable areas identified in assessment of database assets. • Conduct regular and continuous assessments to identify issues and ensure that they are remediated in a timely manner.
Key-Service For Your Business Enforce Least Privileges • Ensure employees and applications have only the rights needed to do their jobs • Understand who has access to what data and how they’ve been granted that access Key Point: Analyze membership to powerful server roles and groups such as administrators, systems administrators, and security administrators to ensure the level of access is warranted. From a group, see the list of group members and select a member for further analysis. From a user, see the group memberships and drill upwards to view inherited permissions.
Key-Service For Your Business Monitor for Anomalies • Inspect database access and activities for policy violations and attempted attacks • Audit actions of known privileged users as well as administrative activity
Key-Service For Your Business Fraud Detection Logical Architecture View Source: Oracle Security In Depth Reference Architecture
Key-Service For Your Business Protecting • Deploy policy-based Activity Monitoring to create an easily managed set of actionable security and compliance alerts. • Transparent Data Encryption (TDE) to protect sensitive data • Database Firewall acts as the first line of defense for databases, helping prevent internal and external attacks from reaching the database
Key-Service For Your Business DR / Backup Plan - Multiple Data Center Cloud Provider providing Multi Region Provide higher Avaibility to Database
Key-Service For Your Business No Bandwidth Hassle
Key-Service For Your Business Respond to Incident Audit and Respond to suspicious activity and policy violations in real time • Send an alert to IT Security to prompt further investigation. • Notify the SIEM system to correlate database activity with web application logs. • Initiate a malware scan to remove any injected code. • Lockout the user’s account to prevent further attempts to access sensitive data.
Key-Service For Your Business Peace of Mind
Key-Service For Your Business Question and Answer
Key-Service For Your Business Key-Service For Your Business www.biznetgiocloud.com PT. Biznet Gio Nusantara MidPlaza 1, 7th Floor Jl. Jend Sudirman Kav. 10-11 Jakarta 10220 – Indonesia

More Related Content

PDF
Biznet Gio Presentation - Cloud Computing
Yusuf Hadiwinata Sutandar
 
PDF
Protecting National Critical Infrastructure Asiangames 2018
Yusuf Hadiwinata Sutandar
 
PPTX
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
PDF
Workshop on CASB Part 2
Priyanka Aash
 
PDF
ECS: Delivering Better Cyber Intelligence and Compliance
Elasticsearch
 
PPSX
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
centralohioissa
 
PPTX
Security and governance in the cloud
Julian Knight
 
PPTX
Security As A Service In Cloud(SECaaS)
أحلام انصارى
 
Biznet Gio Presentation - Cloud Computing
Yusuf Hadiwinata Sutandar
 
Protecting National Critical Infrastructure Asiangames 2018
Yusuf Hadiwinata Sutandar
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
Workshop on CASB Part 2
Priyanka Aash
 
ECS: Delivering Better Cyber Intelligence and Compliance
Elasticsearch
 
Robert Brzezinski - Office 365 Security & Compliance: Cloudy Collaboration......
centralohioissa
 
Security and governance in the cloud
Julian Knight
 
Security As A Service In Cloud(SECaaS)
أحلام انصارى
 

What's hot (19)

PPTX
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
Perimeter 81
 
PPTX
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan Singh
 
PDF
63 Requirements for CASB
Kyle Watson
 
PDF
Take It to the Cloud: The Evolution of Security Architecture
Priyanka Aash
 
PDF
CSA Introduction 2013 David Ross
Graeme Wood
 
PPTX
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Himani Singh
 
PDF
Thin Air or Solid Ground? Practical Cloud Security
Dan Fitzgerald, CISSP, CIPM
 
PDF
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera Technologies
 
PDF
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
Priyanka Aash
 
PPTX
Rethinking Cybersecurity for the Digital Transformation Era
Zscaler
 
PDF
CSA Standards Development Summary
CloudSecurityAllianceAustralia
 
PPTX
The evolution of IT in a cloud world
Zscaler
 
PPTX
Secure your M365 resources using Azure AD Identity Governance
Vignesh Ganesan I Microsoft MVP
 
PPTX
Secure your cloud applications by building solid foundations with enterprise ...
Vladimir Jirasek
 
PDF
Implementing zero trust architecture in azure hybrid cloud
Ajit Bhingarkar
 
PDF
Using Data Science for Cybersecurity
VMware Tanzu
 
PPTX
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
centralohioissa
 
PDF
CASB — Your new best friend for safe cloud adoption?
Digital Transformation EXPO Event Series
 
PPTX
NIST Cybersecurity Framework (CSF) on the Public Cloud
CloudHesive
 
The Software-Defined Perimeter: Securing Network Access for the Modern Workforce
Perimeter 81
 
Rohan s w2 - top 5 tools that help in monitoring compliance for pci dss and...
Rohan Singh
 
63 Requirements for CASB
Kyle Watson
 
Take It to the Cloud: The Evolution of Security Architecture
Priyanka Aash
 
CSA Introduction 2013 David Ross
Graeme Wood
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Himani Singh
 
Thin Air or Solid Ground? Practical Cloud Security
Dan Fitzgerald, CISSP, CIPM
 
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env...
Cyxtera Technologies
 
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
Priyanka Aash
 
Rethinking Cybersecurity for the Digital Transformation Era
Zscaler
 
CSA Standards Development Summary
CloudSecurityAllianceAustralia
 
The evolution of IT in a cloud world
Zscaler
 
Secure your M365 resources using Azure AD Identity Governance
Vignesh Ganesan I Microsoft MVP
 
Secure your cloud applications by building solid foundations with enterprise ...
Vladimir Jirasek
 
Implementing zero trust architecture in azure hybrid cloud
Ajit Bhingarkar
 
Using Data Science for Cybersecurity
VMware Tanzu
 
Jervis Hui - No Tradeoffs: Cloud Security & Privacy Don't Need To Be At Odds
centralohioissa
 
CASB — Your new best friend for safe cloud adoption?
Digital Transformation EXPO Event Series
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
CloudHesive
 
Ad

Similar to Biznet Gio Presentation - Database Security (20)

PDF
Best Practices for implementing Database Security Comprehensive Database Secu...
Kal BO
 
PDF
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Edgar Alejandro Villegas
 
PDF
Ppt security-database-overview-11g r2
Oracle BH
 
PPTX
Security of the Cloud of the users Computing 2.pptx
SrujanSd
 
PPTX
basic to advance network security concepts
amansinght675
 
PPTX
Database Security Assessment | Database Security Assessment Services
Cyber Security Experts
 
PDF
Oracle 11g database security
elshiekh1980
 
PDF
Wp security-data-safe
ALI ANWAR, OCP®
 
PPTX
Oracle 11g security - 2014
Connor McDonald
 
PPTX
Oracle database threats - LAOUC Webinar
Osama Mustafa
 
PDF
Best Practices in Implementing Oracle Database Security Products
Estuate, Inc.
 
PDF
Enabling digital transformation with MySQL
MySQL Brasil
 
PDF
MySQL Day Paris 2016 - MySQL Enterprise Edition
Olivier DASINI
 
PDF
MySQL Manchester TT - Security
Mark Swarbrick
 
PPTX
Working of Google App Engine Cloud Computing.pptx
SrujanSd
 
PDF
Tänased võimalused turvalahendustes - Tarvi Tara
ORACLE USER GROUP ESTONIA
 
PDF
Modern Data Security with MySQL
Vittorio Cioe
 
PDF
security in database management system.
prajal
 
PDF
Presentation topic for Philippines SAP user group forum
William Ho (何添福)
 
PDF
Ethernautics, Inc - Database Cyber Security Threats
Michael W. Meissner, RCDD
 
Best Practices for implementing Database Security Comprehensive Database Secu...
Kal BO
 
Oracle Database 11g Security and Compliance Solutions - By Tom Kyte
Edgar Alejandro Villegas
 
Ppt security-database-overview-11g r2
Oracle BH
 
Security of the Cloud of the users Computing 2.pptx
SrujanSd
 
basic to advance network security concepts
amansinght675
 
Database Security Assessment | Database Security Assessment Services
Cyber Security Experts
 
Oracle 11g database security
elshiekh1980
 
Wp security-data-safe
ALI ANWAR, OCP®
 
Oracle 11g security - 2014
Connor McDonald
 
Oracle database threats - LAOUC Webinar
Osama Mustafa
 
Best Practices in Implementing Oracle Database Security Products
Estuate, Inc.
 
Enabling digital transformation with MySQL
MySQL Brasil
 
MySQL Day Paris 2016 - MySQL Enterprise Edition
Olivier DASINI
 
MySQL Manchester TT - Security
Mark Swarbrick
 
Working of Google App Engine Cloud Computing.pptx
SrujanSd
 
Tänased võimalused turvalahendustes - Tarvi Tara
ORACLE USER GROUP ESTONIA
 
Modern Data Security with MySQL
Vittorio Cioe
 
security in database management system.
prajal
 
Presentation topic for Philippines SAP user group forum
William Ho (何添福)
 
Ethernautics, Inc - Database Cyber Security Threats
Michael W. Meissner, RCDD
 
Ad

More from Yusuf Hadiwinata Sutandar (20)

PDF
Varnish Enterprise Feature​ Migration From Varnish Cache​
Yusuf Hadiwinata Sutandar
 
PDF
Presentasi_Yusuf_Hadiwinata_Sutandar_PANDI_Berdaulat_Digital.pdf
Yusuf Hadiwinata Sutandar
 
PDF
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
Yusuf Hadiwinata Sutandar
 
PDF
How DevOps works in the Enterprise
Yusuf Hadiwinata Sutandar
 
PDF
Acronis Meet and Learn
Yusuf Hadiwinata Sutandar
 
PDF
BiznetGio Presentation Business Continuity
Yusuf Hadiwinata Sutandar
 
PDF
March of the Penguin - 31 years Linux Snapshot
Yusuf Hadiwinata Sutandar
 
PDF
Choose the Right Container Storage for Kubernetes
Yusuf Hadiwinata Sutandar
 
PDF
Biznet GIO National Seminar on Digital Forensics
Yusuf Hadiwinata Sutandar
 
PDF
PHPIDOL#80: Kubernetes 101 for PHP Developer. Yusuf Hadiwinata - VP Operation...
Yusuf Hadiwinata Sutandar
 
PDF
Kubernetes Jakarta Meetup 010 - Service Mesh Observability with Kiali
Yusuf Hadiwinata Sutandar
 
PDF
Devops Indonesia Presentation Monitoring Framework
Yusuf Hadiwinata Sutandar
 
PDF
Bssn book security awarness
Yusuf Hadiwinata Sutandar
 
PDF
Job vacancies cti group
Yusuf Hadiwinata Sutandar
 
PDF
Devops Indonesia - DevSecOps - The Open Source Way
Yusuf Hadiwinata Sutandar
 
PDF
Devops indonesia - The Future Container
Yusuf Hadiwinata Sutandar
 
PDF
Journey to the devops automation with docker kubernetes and openshift
Yusuf Hadiwinata Sutandar
 
PDF
War of Openstack Private Cloud Distribution
Yusuf Hadiwinata Sutandar
 
PDF
create auto scale jboss cluster with openshift
Yusuf Hadiwinata Sutandar
 
PDF
Docker handons-workshop-for-charity
Yusuf Hadiwinata Sutandar
 
Varnish Enterprise Feature​ Migration From Varnish Cache​
Yusuf Hadiwinata Sutandar
 
Presentasi_Yusuf_Hadiwinata_Sutandar_PANDI_Berdaulat_Digital.pdf
Yusuf Hadiwinata Sutandar
 
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
Yusuf Hadiwinata Sutandar
 
How DevOps works in the Enterprise
Yusuf Hadiwinata Sutandar
 
Acronis Meet and Learn
Yusuf Hadiwinata Sutandar
 
BiznetGio Presentation Business Continuity
Yusuf Hadiwinata Sutandar
 
March of the Penguin - 31 years Linux Snapshot
Yusuf Hadiwinata Sutandar
 
Choose the Right Container Storage for Kubernetes
Yusuf Hadiwinata Sutandar
 
Biznet GIO National Seminar on Digital Forensics
Yusuf Hadiwinata Sutandar
 
PHPIDOL#80: Kubernetes 101 for PHP Developer. Yusuf Hadiwinata - VP Operation...
Yusuf Hadiwinata Sutandar
 
Kubernetes Jakarta Meetup 010 - Service Mesh Observability with Kiali
Yusuf Hadiwinata Sutandar
 
Devops Indonesia Presentation Monitoring Framework
Yusuf Hadiwinata Sutandar
 
Bssn book security awarness
Yusuf Hadiwinata Sutandar
 
Job vacancies cti group
Yusuf Hadiwinata Sutandar
 
Devops Indonesia - DevSecOps - The Open Source Way
Yusuf Hadiwinata Sutandar
 
Devops indonesia - The Future Container
Yusuf Hadiwinata Sutandar
 
Journey to the devops automation with docker kubernetes and openshift
Yusuf Hadiwinata Sutandar
 
War of Openstack Private Cloud Distribution
Yusuf Hadiwinata Sutandar
 
create auto scale jboss cluster with openshift
Yusuf Hadiwinata Sutandar
 
Docker handons-workshop-for-charity
Yusuf Hadiwinata Sutandar
 

Recently uploaded (20)

PDF
“A New Era of 3D Sensing: Transforming Industries and Creating Opportunities,...
Edge AI and Vision Alliance
 
PDF
NewMind AI Weekly Chronicles – August ’25 Week IV
NewMind AI
 
PPTX
Build Your First AI Agent with UiPath.pptx
suhanisingh58689
 
PDF
Transform-Your-Factory-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
PDF
sustainability-14-14877-v2.pddhzftheheeeee
VenkateshGovindaraja9
 
PDF
The-2025-Engineering-Revolution-AI-Quality-and-DevOps-Convergence.pdf
Kalilur Rahman
 
PDF
Taming the Chaos: How to Turn Unstructured Data into Decisions
Safe Software
 
PPTX
Internet of Everything -Basic concepts details
sendilkumar66
 
PDF
Auditboard EB SOX Playbook 2023 edition.
DROK2
 
PDF
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
PDF
CXOs-Are-you-still-doing-manual-DevOps-in-the-age-of-AI.pdf
Kalilur Rahman
 
DOCX
search engine optimization ppt fir known well about this
StandardCodeLearning
 
PDF
Advancing precision in air quality forecasting through machine learning integ...
IAESIJAI
 
PDF
Lung cancer patients survival prediction using outlier detection and optimize...
IAESIJAI
 
PDF
Co-training pseudo-labeling for text classification with support vector machi...
IAESIJAI
 
PDF
giants, standing on the shoulders of - by Daniel Stenberg
Daniel Stenberg
 
PDF
Data Virtualization in Action: Scaling APIs and Apps with FME
Safe Software
 
PDF
Accessing-Finance-in-Jordan-MENA 2024 2025.pdf
Mustafa Kuğu
 
PPTX
Microsoft User Copilot Training Slide Deck
zohoron1
 
DOCX
Basics of Cloud Computing - Cloud Ecosystem
suthak11
 
“A New Era of 3D Sensing: Transforming Industries and Creating Opportunities,...
Edge AI and Vision Alliance
 
NewMind AI Weekly Chronicles – August ’25 Week IV
NewMind AI
 
Build Your First AI Agent with UiPath.pptx
suhanisingh58689
 
Transform-Your-Factory-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
sustainability-14-14877-v2.pddhzftheheeeee
VenkateshGovindaraja9
 
The-2025-Engineering-Revolution-AI-Quality-and-DevOps-Convergence.pdf
Kalilur Rahman
 
Taming the Chaos: How to Turn Unstructured Data into Decisions
Safe Software
 
Internet of Everything -Basic concepts details
sendilkumar66
 
Auditboard EB SOX Playbook 2023 edition.
DROK2
 
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
CXOs-Are-you-still-doing-manual-DevOps-in-the-age-of-AI.pdf
Kalilur Rahman
 
search engine optimization ppt fir known well about this
StandardCodeLearning
 
Advancing precision in air quality forecasting through machine learning integ...
IAESIJAI
 
Lung cancer patients survival prediction using outlier detection and optimize...
IAESIJAI
 
Co-training pseudo-labeling for text classification with support vector machi...
IAESIJAI
 
giants, standing on the shoulders of - by Daniel Stenberg
Daniel Stenberg
 
Data Virtualization in Action: Scaling APIs and Apps with FME
Safe Software
 
Accessing-Finance-in-Jordan-MENA 2024 2025.pdf
Mustafa Kuğu
 
Microsoft User Copilot Training Slide Deck
zohoron1
 
Basics of Cloud Computing - Cloud Ecosystem
suthak11
 

Biznet Gio Presentation - Database Security

  • 2. Yusuf Hadiwinata Sutandar Linux Geek, Opensource Enthusiast, Security Hobbies RHCT, RHCSAv5-v7,RHCEv5-v7,RHCVA, RHCI, RHCX, RHCSA-RHOS,RHCJA,CEI, CEH, CHFI, CND, EDRP, CCNA, MCTCNA, Security+, Network+, VCA, vExpert 2017-2018 Senior Operation Manager Technology
  • 4. Key-Service For Your Business What Is Database Security? Database security, under the umbrella of information security, protects the confidentiality, integrity and availability of an organization’s databases.
  • 5. Key-Service For Your Business Importance of Database Security and Integrity Database security is more than just important: it is essential to any company with any online component. Sufficient database security prevents data bring lost or compromised, which may have serious ramifications for the company both in terms of finances and reputation
  • 6. Key-Service For Your Business Biggest Data Breaches of 2018 Aadhaar (Kemendagri India) 1.1 billion records breached Date disclosed: January 3, 2018 Facebook (sosmed) At least 87 million records breached Date disclosed: March 17, 2018 The Oregon Clinic (healtcare) Records affected: 64,487 The most affected industries in 2017 (by number of breaches) https://www.medcareernews.com/top-industries-affected-data-leaks-2017/
  • 7. Key-Service For Your Business Data Breaches of 2018 Map http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
  • 8. Key-Service For Your Business Most Common Attack Vector https://www.sophos.com/en-us/medialibrary/pdfs/other/apt-infographic.pdf?cmp=70130000001xIObAAM
  • 9. Key-Service For Your Business Enterprise Security Framework Source: Oracle Security In Depth Reference Architecture
  • 10. Key-Service For Your Business Database Security Conceptual View Source: Oracle Security In Depth Reference Architecture
  • 11. Key-Service For Your Business Data Security Logical Architecture View Source: Oracle Security In Depth Reference Architecture
  • 12. Key-Service For Your Business The Methodology for Proven Database Security Leverage Biznet Manage Services Provider to secure cloud database investment
  • 13. Key-Service For Your Business Inventory • Discover, classify and prioritize the databases containing your valuable information whether cloud based or on-premise • Discover, Track and Manage Your SQL Server Inventory • Manage known databases on your network and in the cloud; discover unknown databases outside the scope of current compliance controls
  • 14. Key-Service For Your Business Inventory
  • 15. Key-Service For Your Business Testing • Define and manage security standards and compliance policies to be used to assess database security posture • Schedule or run ad-hoc job-based assessments to quantify cloud based or on-premise database adherence to selected policies
  • 16. Key-Service For Your Business Compliance and Certifications
  • 17. Key-Service For Your Business Compliance Enablement Logical Architecture Source: Oracle Security In Depth Reference Architecture
  • 18. Key-Service For Your Business Eliminate Vulnerabilities • Fix potentially harmful password configurations, table access grants, user roles and other vulnerable areas identified in assessment of database assets. • Conduct regular and continuous assessments to identify issues and ensure that they are remediated in a timely manner.
  • 19. Key-Service For Your Business Enforce Least Privileges • Ensure employees and applications have only the rights needed to do their jobs • Understand who has access to what data and how they’ve been granted that access Key Point: Analyze membership to powerful server roles and groups such as administrators, systems administrators, and security administrators to ensure the level of access is warranted. From a group, see the list of group members and select a member for further analysis. From a user, see the group memberships and drill upwards to view inherited permissions.
  • 20. Key-Service For Your Business Monitor for Anomalies • Inspect database access and activities for policy violations and attempted attacks • Audit actions of known privileged users as well as administrative activity
  • 21. Key-Service For Your Business Fraud Detection Logical Architecture View Source: Oracle Security In Depth Reference Architecture
  • 22. Key-Service For Your Business Protecting • Deploy policy-based Activity Monitoring to create an easily managed set of actionable security and compliance alerts. • Transparent Data Encryption (TDE) to protect sensitive data • Database Firewall acts as the first line of defense for databases, helping prevent internal and external attacks from reaching the database
  • 23. Key-Service For Your Business DR / Backup Plan - Multiple Data Center Cloud Provider providing Multi Region Provide higher Avaibility to Database
  • 24. Key-Service For Your Business No Bandwidth Hassle
  • 25. Key-Service For Your Business Respond to Incident Audit and Respond to suspicious activity and policy violations in real time • Send an alert to IT Security to prompt further investigation. • Notify the SIEM system to correlate database activity with web application logs. • Initiate a malware scan to remove any injected code. • Lockout the user’s account to prevent further attempts to access sensitive data.
  • 26. Key-Service For Your Business Peace of Mind
  • 27. Key-Service For Your Business Question and Answer
  • 28. Key-Service For Your Business Key-Service For Your Business www.biznetgiocloud.com PT. Biznet Gio Nusantara MidPlaza 1, 7th Floor Jl. Jend Sudirman Kav. 10-11 Jakarta 10220 – Indonesia