Oracle Audit Vault, part of Oracle's comprehensive portfolio of database security solutions, offers multidimensional benefits to organizations in today’s most complicated audit and compliance scenario. T. Srinivasan, Vice President, India Sales, Oracle India, recently has unfolded the strength and performance of Oracle Audit Vault in an exclusive interview with ‘InfoSecurity’.
 |
T. Srinivasan, Vice President, India Sales, Oracle India. |
1. What are the biggest challenges that enterprises are facing today?
Satisfying compliance regulations and reducing the risk of security breaches are among the top security challenges enterprises face today. Data breaches are also perpetrated by insiders, that is, by those authorized with at least some level of access to the system and its data. For organizations, controlling such security breaches is a high priority as it leads to financial losses and also leakage of sensitive data of the company.
2. Where does Audit Vault play its role to meet these challenges?
Oracle Audit Vault, part of Oracle's comprehensive portfolio of database security solutions, reduces the cost and complexity of compliance and the risk of insider threats by automating the collection and consolidation of audit data. It provides a secure and highly scalable audit warehouse, enabling simplified reporting, analysis, and threat detection on audit data. In addition, database audit settings are centrally managed and monitored from within Audit Vault, reducing IT security cost. With Oracle Audit Vault, organizations are in a much better position to enforce privacy policies, guard against insider threats, and address regulatory requirements such as Sarbanes-Oxley and PCI.
Oracle Audit Vault can also be used as a detective control for segregation of duties by allowing a separate organization or IT auditor to monitor database activity across all Oracle and non-Oracle databases in the organization. Oracle Audit Vault can detect and alert on unauthorized activities such as account creation or access to application data that circumvents the application by any user even privileged users. Oracle Audit Vault complements Oracle Database Vault by providing a reliable enterprise-wide solution for demonstrating the effectiveness of preventive controls as well as detecting and alerting on unauthorized or suspicious activities.
3. How big is the security compliance market in India and how big is the opportunity for audit vault to address the market?
I think more important than assessing the security compliance market; it is interesting to observe that companies are now being scrutinized more closely by regulators. They have to ensure that every employee within the organization and every division and process must adhere to stringent guidelines to enforce privacy policies, address regulatory requirements and protect their data assets from insider and outsider threats.
Database Auditing is commonly used in more regulated industries such as financial services, telecom billing, healthcare, energy, and public sector. Some customers do heavy auditing, while some mainly audit the privileged user activities. After Oracle released fine-grain auditing (FGA) in Oracle9i, many customers started to use that to audit access to sensitive data. More companies have started to audit database activity to meet requirements for SOX, HIPAA, and to protect PII data.
As I mentioned earlier, Oracle Audit Vault provides a secure and highly scalable audit warehouse, enabling simplified reporting, analysis, and threat detection on audit data and reduces IT cost. More and more organizations now understand the importance of Database Auditing for compliance requirements.
4. The nature and strength of security threats have been exceptional in last few years and the emergence of intelligent devastative blended threats are growing significantly in IT industry. How strong is audit vault to detect and prevent these threats in an organization?
Oracle Audit Vault continuously monitors the inbound audit data, evaluating audit data against alert conditions. Oracle Audit Vault event alerts help mitigate risk and protect from the insider threats by providing proactive notification of suspicious activity across the enterprise. Alerts can be associated with any auditable database event including system events such as changes to application tables, role grants, and privileged user creation on sensitive systems. Oracle Audit Vault provides graphical summaries of activities causing alert.
Protecting audit data is critical to the security and internal controls processes and Oracle Audit Vault protects Oracle, SQL Server, IBM DB2, and Sybase ASE audit data by using Oracle’s strong data security technology. Access to the audit data within Oracle Audit Vault is strictly controlled using pre-defined administrative roles. Oracle Audit Vault leverages Oracle's proven data warehousing and partitioning capabilities to achieve massive scalability, a key requirement for any auditing solution. Once consolidated, Oracle Audit Vault will automatically remove Oracle Database audit data on source systems, helping further simplify audit data management.
5. How uniquely audit vault can manage the data auditing within an organization running heterogeneous IT environment?
To meet the requirements from auditors, most customers are using homegrown scripts to collect, analyze and audit data from individual data sources. In a heterogeneous database environment, understanding and reporting audit events from different sources in a meaningful format is a key challenge. Oracle understands that audit data collected from non-Oracle databases is a critical requirement for some customers. Oracle Audit Vault reporting is based on the audit events generated by Oracle, SQL Server, IBM DB2, and Sybase ASE databases. These audit events are very similar so they have been categorized by Audit Vault to show a consolidated report of database activity. A Collection Agent continuously extracts the audit data from the source and sends it to Oracle Audit Vault.
Oracle Audit Vault 10.2.3 supports SQL Server 2003 and 2005, Sybase ASE 12.5 and 15.0, and IBM DB2 8.2 and 9.5.
6. How can audit vault strengthen the access control policy of sensitive data within an organization?
Oracle Audit Vault transparently collects and consolidates audit data, providing valuable insight into who did what to which data when – including privileged users who have direct access to the database. Access to the audit data within Oracle Audit Vault is strictly controlled using pre-defined administrative roles. Oracle Audit Vault leverages Oracle's proven data warehousing and partitioning capabilities to achieve massive scalability, a key requirement for any auditing solution. Once consolidated, Oracle Audit Vault will automatically remove Oracle Database audit data on source systems, helping further simplify audit data management.
With Oracle Audit Vault reports, alert notifications, and centralized audit policy management, the risks from internal threat and the cost of compliance are greatly reduced. Oracle Audit Vault leverages Oracle's industry leading database security and data warehousing technology for managing, analyzing, storing, and archiving large volumes of audit data.
7. What is the licensing model for audit vault and is there any special offer for large enterprises? Is there any specific vertical, which audit vault targets?
Oracle Audit Vault is offered to customers as an Oracle Database Options product. Oracle Database Options are unique solutions with specialized features and functionalities that enhance the Oracle Database platform. These Options aim to help companies meet specific requirements in the areas of performance and availability, security and compliance, data warehousing, and manageability. In terms of licensing, it is licensed separately. The Audit Vault Server and Audit Collection Agents are charged on per processor basis.
There is no specific vertical where Audit Vault is key like I mentioned; all companies that need to meet compliance norms will see use for it. Especially, financial service organizations, telecom companies, IT/ ITeS and manufacturing organizations are among others.
8. Is there any up gradation policy for this product?
Oracle Audit Vault consists of two components (i)Audit Vault server that contains the secure audit warehouse and specific Audit Vault packages and (ii)Audit Vault Collection Agent that manages the collection of audit data from sources. Oracle Audit Vault is an independent product, which can be implemented in an IT environment, where multiple data sources need to be audited. Oracle Audit Vault leverages all the scaling features of Oracle Database including Oracle Partitioning, to enhance manageability and performance, enabling audit data to be physically partitioned based on business requirements. Oracle Audit Vault can optionally be deployed with Oracle Real Application Clusters (RAC) for additional scalability.
Oracle Audit Vault 10.2.3 supports Oracle Database9i Release 2 and later releases, SQL Server 2003 and 2005, Sybase ASE 12.5 and 15.0, and IBM DB2 8.2 and 9.5.
The Oracle Audit Vault server is generally available for the Linux X86/X64 platform (RedHat Enterprise Linux AS 3, 4, 5, Enterprise Linux 4,5, & SuSE SLES9 & SuSE SLES10), Solaris Sparc (64 bit), HP-Itanium, and AIX5L (64 bit).
The Oracle Vault Collection Agent is generally available for the Linux x86/x64, Solaris SPARC 64-bit, HP-UX PA-RISC (64-bit), HP-Itanium, AIX5L Based Systems (64-bit), and Windows (32-bit/64-bit).
9. What is the future roadmap of audit vault and how do you really assess audit vault in a market impacted by economic recession?
The future road map for Audit Vault software requirement is quite robust, as organizations today need to maintain various compliance regulations and reduce security breaches, so as to reduce financial impact. Past incidents have shown that timely examination of audit data could have helped detect unauthorized activity early and reduced the resulting financial impact and Oracle Audit Vault helps in automate the consolidation of audit data into a secure repository, enabling efficient monitoring and reporting
—By: T. Srinivasan, Vice President, India Sales, Oracle India. |
