How Secure Is Your Data?

Having worked for or consulted to leading software publishers, the EC Wise senior team has deep experience in the design, development and security characteristics of database products and applications. Our database engineers have experience implementing high availability, scalability, and performance optimization. Over the past few years, we have increasingly focused on Oracle Database and MySQL Enterprise as the core of a highly secure data management infrastructure, but we also work with MongoDB, Redis and Microsoft SQL Server. In addition to ensuring that your data is secure, we can build high volume data intensive service platforms, and help your teams optimize the performance and manageability of your existing Oracle, MySQL and SQL Server databases.

EC:Secure Data – Oracle Solutions

Based on a variety of metrics, Oracle is the most popular and widely used database system available. EC Wise is an Oracle Platinum Partner with 15 years’ experience in Oracle enterprise database technology. CIO Review recognized us as a leading Oracle Solution provider in 2015, and Oracle authorized us as an embedder of Oracle database technology into ISV products in 2014.

Over the past few years, we have increasingly focused on ways to enhance Oracle Database 12c Security, which delivers a wealth of security enhancements and new features including conditional auditing, privilege analysis, data redaction, enhanced encryption key management, real application security, mandatory realms, and performance optimizations to name a few.

Oracle sports a wide variety of features designed to reduce your vulnerability. Some of these features are specific to the Enterprise edition, and others are provided by add-on products like Oracle Key Vault and Oracle Audit Vault and Database Firewall. We can work with you to improve the security of your Oracle database in a number of ways, which include:

  • Preventing Operating System level data access with Transparent Data Encryption (TDE).
  • Managing keys, Oracle wallets, keystores and credential files with Oracle Key Vault.
  • Restricting exposure of privileged data to only those who need to know, using on-the-fly, engine level redaction of sensitive data in query results requested by applications
  • Enable sharing of data using Oracle Data Masking and Subsetting to obfuscate and extract entire usable copies or subsets of application data from the database.
  • Eliminate non-privileged access and tampering by leveraging privileged user controls, configuration controls, and separation of duty controls in Oracle Database Vault.
  • Prevent adhoc access to application data by privileged accounts using Oracle Database Vault.
  • Using Database Vault to control database operations and prevent unauthorized changes to production configurations that may impact both the security posture and regulatory compliance.
  • Conducting privilege analysis with Database Vault. We can help evaluate unused privileges for potential revocation, helping reduce the attack surface and achieve a least privilege model.
  • Setting up selective auditing of database operations with policy based conditional auditing for simplified configuration and management.
  • Monitoring and blocking unauthorized SQL traffic using the Database Firewall, which uses a highly accurate SQL grammar-based analysis engine to apply the trust but verify principle.
  • Developing applications using Oracle 12c Real Application Security (RAS), that apply application level data security policies based on application users, roles and privileges within the database.

Request an EC:Secure Oracle evaluation to help you harden your valuable Oracle databases 

EC Wise will evaluate your user accounts and overall Oracle security posture. We will then provide a report with suggestions for resolving these issues and other areas to review–for a low price of $500 per database. The EC:Secure Oracle evaluation will look at four key areas:

  • Account control, which covers user account management, authentication and privilege assignment for both natural user and role based accounts
  • Encrypting data at rest, i.e. data stored on disk.
  • Encrypting data in transit, i.e. when the data is passed to and from applications and between Oracle masters and slaves
  • Protecting application data from illegitimate, threatening SQL statements

EC Wise Oracle services

EC Wise has been building and managing marketing service platforms and social networks that use Oracle as a database platform since 2002. Our engineers have experience with implementing high availability, scalability and performance optimization with both on premise deployment and in the cloud. In addition to ensuring that your data is secure, we have built high volume java and Oracle based service platforms, and helped client teams optimize the performance and manageability of their existing Oracle databases. Our Oracle database administration, performance management and tuning and application services include:

  • Planning and deploying Oracle databases (raw iron and virtual) including use of Automatic Storage Management, planning and creating tablespaces, datafiles and redo logs.
  • Implement RAC for system fault tolerance
  • Implement local and distributed database recovery strategies using RMAN, Oracle Flashback and Oracle Data Guard
  • Deployment and administration of Oracle on Unix based SMP (scale up) and Linux based RAC (scale out) topologies.
  • Conduct performance analysis and tuning using Oracle Workload Repository, Automatic Database Diagnostic Monitor and application logging.
  • Design and implement table partitioning and restricting strategies to improve performance and minimize storage costs.
  • Implement table versioning using Oracle Workspace Manager

EC:Secure Data – MySQL Solutions

Few open source technologies are as widely used as the MySQL RDBMS, the data platform powering the vast majority of today’s web and cloud services. But with great popularity comes greater risk in the form of more commonly known security exploits and attack vectors. What can you do to harden your MySQL databases against cyber attack?

MySQL sports a variety of features designed to reduce your vulnerability. Some of these features are specific to the Enterprise edition, which requires paying modest licensing and support fees; they include:

  • MySQL Enterprise enhanced authentication services, which enables user authentication against corporate directories.
  • MySQL now includes “Transparent Data Encryption” using AES256, which protects the privacy of your information, prevents data breaches and helps meet regulatory requirements including the Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) and numerous others.
  • MySQL supports secure (encrypted) connections between clients and the server and among servers.
  • MySQL Enterprise Firewall enables database administrators to permit or deny SQL statement execution based on matching against white-lists of accepted statement patterns. This helps harden MySQL Server against attacks such as SQL injection.
  • Audit Logging, which uses the open MySQL Audit API to enable standard, policy-based monitoring and logging of connection and query activity. Meeting the Oracle audit specification, MySQL Enterprise Audit provides an out of box, easy to use auditing and compliance solution for applications that are governed by either internal and external regulatory guidelines.

Request an EC:Secure MySQL evaluation to help you harden your valuable MySQL databases 

EC Wise will evaluate your user accounts and overall MySQL security posture. We will then provide a report with suggestions for resolving these issues and other areas to review–for a low price of $500 per production server. The EC:Secure evaluation will look at four key areas: 

  • Account control, which covers user account management, authentication and privilege assignment for both natural user and role based accounts 
  • Encrypting data at rest, i.e. data stored on disk. 
  • Encrypting data in transit, i.e. when the data is passed to and from applications and between MySQL masters and slaves 
  • Protecting application data from illegitimate, threatening SQL statements 

EC Wise MySQL services

EC Wise has been building and managing marketing service platforms and social networks that use MySQL as a database platform since 2010. Our engineers have experience with implementing high availability, scalability and performance optimization with both on premise deployment and in the cloud. In addition to ensuring that your data is secure, we can develop applications for MySQL in multiple programming languages including java, PHP, and Python, develop mobile products that use MySQL as a data store, and help your teams optimize the performance and manageability of your existing MySQL databases.