Safeguarding your company's IT systems and data

Safeguarding your company's IT systems and data is arguably the most important role undertaken by IT professionals. Given the complexity of today's networks and sophisticated IT threat landscape, it is also one of the most difficult. The combination of worsening and highly publicised data breaches on the one hand, and stricter regulatory compliance demands on the other hand are pushing database security to the foreground.

An organisation's database is the crown jewel of its IT infrastructure and a prime target for most attackers. Consequently, companies must verify that all necessary security measures have been implemented on database systems to ensure the security of this prime information asset. There are unique threats to databases that cannot be handled by firewalls, intrusion detection and prevention systems and other perimeter defences. Threats are constantly evolving and becoming more sophisticated, with an increasing recognition that the majority of breaches are attributable to internal users. The potential threat posed by the use of privileged access by internal staff underlines the need for an experienced Oracle Security specialist like Redcentric to provide an independent audit and preventative measures.

Redcentric can provide a range of consultancy services and software product knowledge to address the specific issue of Oracle database security.

These include:

  • Independent and comprehensive database security audits which focus on core areas of security vulnerability – host operating system security issues, Oracle authentication, Oracle access controls, auditing, networking, backup and recovery and application development
  • Working with clients to achieve and maintain regulatory compliance for Oracle-based systems – SOX, PCI DSS
  • Implementation of complex Oracle security architectures that make use of Oracle Internet Directory (OID), Oracle Single Sign-On (SSO) and integration of these Oracle solutions with third-party security providers
  • Assessment and application of quarterly Critical Patch Updates as part of a specialist managed service
  • Application of security monitoring and auditing through a number of specialist software providers, including implementation experience of Oracle Audit Vault and Sentrigo’s Hedgehog Enterprise
  • All these Oracle security services can be complemented by those offered by Redcentric’s Security Practice, with its focus on preventing many of the external threats to these Oracle-based systems.