To prevent unauthorized usage of data in the event information leakage occurs due to data theft, eavesdropping of communication, and other such activities, implement the encryption measures below.
To protect data from eavesdropping over the network between a database server and clients, use the encryption feature to encrypt communications.
Refer to "Configuring Secure Communication Using Secure Sockets Layer" in the Operation Guide for details.
To protect data from theft, use the encryption feature to encrypt the data. The data below is targeted for encryption:
Data to be stored on the database
Backup data
Data files
Refer to "Protecting Storage Data Using Transparent Data Encryption" in the Operation Guide for details.
Restrict the persons who can access the encryption key to a minimum number of database administrators.
Additionally, to ensure the encrypted information will not be easily decrypted, create a mechanism for appropriately managing the encryption key for the entire life cycle (generation, distribution, saving, and disposal), and strictly manage the encryption key.
Refer to "Configuring Secure Communication Using Secure Sockets Layer" and "Protecting Storage Data Using Transparent Data Encryption" in the Operation Guide for details.
