Oracle Readies Database Vault, Secure Backup

The Redwood Shores, Calif.-based software vendor's new Database Vault will ship within weeks on Linux, and Solaris, Windows and other versions will follow, said Andy Mendelsohn, senior vice president of database server technologies at Oracle.

Database Vault and the upcoming Audit Vault from Oracle could be a one-two punch for companies hoping to prevent unauthorized viewing, copying or tampering of data. Audit Vault, due out later this year,would "watch" database activity and funnel all that data to a separate, secure repository.

Database Vault, which is available for the current Oracle Database 10g Release 2, will enable companies to "put firewalls around financial data" so that DBAs and systems administrators cannot see data they shouldn't, Mendelsohn told CRN.

"DBAs right now are pretty much all-powerful. They can see anything. [Database] Vault lets you put a wall around that data," he said. "Once you do that, folks with no need to see financial data are locked out of that realm."

Sponsored post

Oracle executives touched on the technology--sometimes called Project Data Vault--at Oracle World last fall.

Mendelsohn will detail Database Vault, along with new secure, automated backup-to-tape for Oracle, on Wednesday at the annual Independent Oracle Applications User Group (IOUG) conference in Nashville, Tenn. The database add-on will cost $20,000 per CPU.

Oracle partners can use the technology to bolster regulatory compliance for their customers, ISVs and solution providers said.

Database Vault is a "clean method to control who can do what [with the data] and protect against insider threats," said Dwayne Melancon, vice president of business development at Tripwire, a Portland, Ore., ISV specializing in IT auditing software.

Jay Thompson, managing director of Protiviti, an Irvine, Calif.-based company specializing in internal audit and technology risk assessment consulting services, concurred.

"On the tech side, Database Vault could raise the bar as to what companies can do in providing controls. There's nothing similar on the market yet," he said.

Database Vault provides the preventive side and Audit Vault, which watches the database, detects bad behavior, Thompson added.

Audit Vault, also outlined briefly at Oracle World, collects information on who accesses, deletes and changes data and when they do it, as well as funnels all that information to a separate and secure repository.

Mike Rudolph, vice president of product management at LogicalApps, another Oracle ISV, said the software will help his company plug security holes at customer sites. Companies running enterprise applications off databases now realize that DBAs and other IT professionals can "go in underneath the application, direct to the database, and get access to pretty much anything," Rudolph noted.

The new Oracle technology "lets you create realms that isolate user access to a subset of the data [for which they are authorized]," he said.

Exactly who sees which data and when is of crucial importance nowadays with heightened financial reporting regulations such as Sarbanes-Oxley in place, according to solution providers. And increasingly, companies will have to show auditors that their information is cordoned off and viewable by only those who are supposed to see it.

Also at the show, Oracle will take the wraps off its own automated, secure backup-to-tape offering, ramping up its attempt to take more money away from partners such as Symantec/Veritas and EMC/Legato.

"Oracle today has a complete solution for backup-to-disk integrated to the product, as well as disaster recovery with Dataguard. What we'd been missing was backup-to-tape," Mendelsohn said.

"Customers often back up nightly to disk. But once a week, they'll make tape backups to ship off to Iron Mountain," he said.

"Bits coming off the disk are encrypted before being sent over the network to the tape drive," Mendelsohn added.

Secure Backup is available now for $3,000 per tape device. Mendelsohn said this pricing is aggressive compared with that of competitors, which typically charge per database backed up and per tape drive.

In other news, database rival Sybase on Tuesday said it's making its database mirroring technology available for Oracle databases. Sybase Mirror Activator so far bhas een available only for Sybase's Adaptive Server Enterprise.