Data Security for PDPA
09/08/2021
In response to today's criminal cases involving data threats, Thailand has announced the PDPA to encourage personal
data protection. As a result, a “Database Security Solution” is now a priority task in database management for
organizations aligning their policies with the PDPA, and the capabilities of the database play an important role in
the system. We bring our Data Security Solution to help protect data and ensure the security of database systems in
accordance with the PDPA, built on the Oracle Database technology that we confidently employ to deliver the best
solution to our customers. The solution can be divided by platform as follows:
Securing an Oracle Database
Securing an Oracle Database is much like securing any other system. You are protecting your data that could be
intellectual property, financial data, personal data about your customers or staff, or (more likely) a combination
of all three. Because data is valuable, you need to guard against theft and misuse.
This data is used for business purposes, which means users and applications connect to the database, and you need
to safeguard it with security controls that restrict access to the data according to your policy. To do this
you’ll need to do three things:
- Assess the system to determine its current state and develop a remediation plan. Is the system configured
properly? Are patches applied regularly? How are user privileges managed – are you enforcing least privilege?
What types of sensitive data is the system holding, and how much? Your existing investment in the Oracle Database
gives you the features and utilities you need to assess your database and identify areas for improvement and
risk reduction.
- Detect attempts to access data outside of policy, and identify anomalies in data access – almost all database
activity is repetitive, so anomalies are frequently a leading-edge indicator of attempted data theft.
- Prevent access to data that doesn’t go through the database control mechanisms – sniffing traffic over the
network, reading the underlying data storage layer, or misuse of database exports and backups. Block
inappropriate access to data through control mechanisms that consider the context of the access – not just the
identity of the account accessing the data.
Oracle provides industry-leading capabilities for each of these security control objectives. Our team can help you
identify the right technical enforcement for virtually any control objective.
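As an added illustration of the assessment step above (not Oracle's or the author's own tooling), the following read-only queries against the standard Oracle data dictionary views check privilege grants, password expiry, patch history and likely personal-data columns. The column-name pattern is a constructed assumption to adapt to your schema, and the ORACLE_MAINTAINED column requires Oracle Database 12c or later.

```sql
-- Added example: read-only checks; run as an account that can query the DBA_* views.

-- 1. Least privilege: non-Oracle accounts holding system-wide ANY privileges directly.
SELECT p.grantee, p.privilege, p.admin_option
FROM   dba_sys_privs p
JOIN   dba_users u ON u.username = p.grantee
WHERE  u.oracle_maintained = 'N'
AND    p.privilege LIKE '% ANY %'
ORDER  BY p.grantee, p.privilege;

-- 2. Least privilege: users granted the DBA role directly.
SELECT r.grantee, r.admin_option, r.default_role
FROM   dba_role_privs r
JOIN   dba_users u ON u.username = r.grantee
WHERE  r.granted_role = 'DBA'
AND    u.oracle_maintained = 'N';

-- 3. Configuration: open accounts whose profile never expires passwords.
--    A LIMIT of 'DEFAULT' inherits from the DEFAULT profile, so review that profile too.
SELECT u.username, u.profile, u.account_status
FROM   dba_users u
JOIN   dba_profiles pr ON pr.profile = u.profile
WHERE  pr.resource_name = 'PASSWORD_LIFE_TIME'
AND    pr.limit = 'UNLIMITED'
AND    u.account_status = 'OPEN'
AND    u.oracle_maintained = 'N';

-- 4. Patching: history of SQL patches applied to this database (12c and later).
SELECT patch_id, action, status, action_time, description
FROM   dba_registry_sqlpatch
ORDER  BY action_time;

-- 5. Sensitive data inventory: columns whose names suggest personal data.
--    The name list is a constructed heuristic; matches are candidates for review only.
SELECT c.owner, c.table_name, c.column_name, c.data_type
FROM   dba_tab_columns c
JOIN   dba_users u ON u.username = c.owner
WHERE  u.oracle_maintained = 'N'
AND    REGEXP_LIKE(c.column_name,
                   '(NAME|EMAIL|PHONE|BIRTH|PASSPORT|NATIONAL_ID|SALARY|CARD)', 'i')
ORDER  BY c.owner, c.table_name, c.column_id;
```

Rows returned by queries 1 to 3 are findings to justify or remediate; query 5 only narrows where to look, since column names alone do not prove what a column holds.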
Benefit
- Support Regulatory Compliance
  - Personal Data Protection Act (PDPA)
  - Sarbanes-Oxley (SOX), J-SOX, GLBA
  - Payment Card Industry (PCI)
  - HIPAA, EU Privacy Directives
  - California Breach Disclosure Act
  - COSO, COBIT
  - Separation of duty, Proof of compliance, Risk Assessment and Monitoring
- Prevent Insider/External Threats
  - Large percentage of threats go undetected
  - Outsourcing and off-shoring trend
  - Customers want to monitor insider/DBA
Component Product Solution
- Oracle Database Security Assessment Tool
- Oracle Advanced Security
- Oracle Database Vault
- Oracle Audit Vault and Database Firewall
- Oracle Data Masking and Subsetting
- Oracle Key Vault
- Oracle Label Security