Re: Encryption

Hi Sallie,
"What Jeff said" for your solution. TDE and obfuscation is the most modern and reliable choice for your Oracle database challenge if you want to stay with an Oracle product. There are other products on the market that can do this as well.

*Kellyn Pot'Vin-Gorman*
DBAKevlar Blog <http://dbakevlar.com>
about.me/dbakevlar

On Tue, Mar 17, 2020 at 9:25 AM Jeffrey Beckstrom <jbeckstrom_at_gcrta.org> wrote:

> Transparent Data Encryption will encrypt the data at rest (on disk). If
> you want to encrypt it in memory as well then you would need to use the
> DBMS_OBFUSCATION package to encrypt and decrpt the data in your sql.
>
> Jeffrey Beckstrom
> Lead Database Administrator
> Information Technology Department
> Greater Cleveland Regional Transit Authority
> 1240 W. 6th Street
> Cleveland, Ohio 44113
>
> >>> "Clay Jackson (cjackson)" <Clay.Jackson_at_quest.com> 3/17/20 12:11 PM
> >>>
> Hi, Sallie - in my last “real” DBA job, before I moved to Quest and
> started doing Sales Engineering stuff; we used Virtual Private Database for
> just exactly the same type of thing you outlined.
>
> We had one column in one table that contained a Tax ID number, and needed
> to protect it. VPD was the easiest solution for us.
>
> I might have some examples, or be able to come up with something when I’m
> back in my (home) office later today.
>
> At least then (Oracle 11), it did require Advanced Security.
>
> Sent from my iPhone
> Clay Jackson
> Quest Software
>
>
>
> On Mar 17, 2020, at 7:30 AM, Sallie Cottingham <
> Sallie.Cottingham_at_cot.tn.gov> wrote:
>
> 
> CAUTION: This email originated from outside of the organization. Do not
> follow guidance, click links, or open attachments unless you recognize the
> sender and know the content is safe.
>
> What are your thoughts/experiences with encryption?
> We have one very old database that stores SSN in several tables (did I say
> it is old and definitely not normalized?). The system is currently being
> rewritten but in the meantime, we are looking to see Oracle options for
> encryption. In your experiences how have you handled just one element
> encryption or one element in several locations?
>
> I’m also assuming this will require an additional license – is that
> correct?
>
> *Sallie Cottingham*
> Database Administrator
> Comptroller of the Treasury
> Technology Solutions
> 425 Fifth Avenue North
> Nashville, TN 37243-34001
> *sallie.Cottingham_at_cot.tn.gov <sallie.Cottingham_at_cot.tn.gov>*
> 615-401-7962
>
>
> <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3D2LIbXg4PBUmsyXNR-FBv9vKJmJb3wIJGtlfwguW_b_tUOENWVkxEUUZOT0pHS00xSk1NVzZZSDBVRy4u&data=02%7C01%7Cclay.jackson%40quest.com%7C87f172e4b6534957b4c808d7ca7fb028%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637200522078453373&sdata=jWLSIC%2Ft6LMjQugQxAlTRGXjkzXIDiQnB5k9dk%2BMfmE%3D&reserved=0>
> <image001.png>
>
> <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fforms.office.com%2FPages%2FResponsePage.aspx%3Fid%3D2LIbXg4PBUmsyXNR-FBv9vKJmJb3wIJGtlfwguW_b_tUOENWVkxEUUZOT0pHS00xSk1NVzZZSDBVRy4u&data=02%7C01%7Cclay.jackson%40quest.com%7C87f172e4b6534957b4c808d7ca7fb028%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637200522078453373&sdata=jWLSIC%2Ft6LMjQugQxAlTRGXjkzXIDiQnB5k9dk%2BMfmE%3D&reserved=0>
>
>
>
>
>
>
>
>

--
http://www.freelists.org/webpage/oracle-l