- Services & Support
Data Compliance and Governance
Compliance Mandate — Protecting Customer and Organizational Data
There are a wide variety of regulations that place additional demands on IT departments: financial reporting regulations such as SOX and Basel II, health record privacy mandates like HIPAA and financial data privacy regulations such as PCI. These regulations require that organizations apply appropriate controls to protect and document the integrity and security of their access and use of sensitive data. The bottom-line is that organizations of all types must strictly enforce policies controlling access to, and use of applications and the underlying databases, and maintain an audit trail of who has accessed the information.
While organizations have made significant investments in systems to protect their network perimeters, these systems have proven they cannot prevent authorized system users from accessing data inappropriately. In fact, authorized insiders commit most cases of data theft and misuse. As more data is centralized in larger databases, accessed by a growing numbers of people and applications, the risk of data misuse is increasing.
Teleran’s Solution — Protecting Users, Applications and Data
Teleran’s solution provides an effective, centralized compliance auditing and compliance enforcement solution that monitors and controls authenticated user behavior at the unique user, application and database levels. Residing on the network between underlying databases and business intelligence, CRM and Web applications, Teleran’s patented software solution continuously watches and controls how data is accessed and used, by whom and by what application. Teleran’s policy enforcement product blocks inappropriate data requests before the database is even reached.
- Combines intelligent controls and comprehensive auditing across all applications, users and database activity
- Tracks and protects in a single software solution
- Enables flexible controls that adapt to each unique environment
- Communicates real-time warnings and guidance to users who attempt to violate business usage policies
- Maintains understanding of who the application user is throughout a transaction, even when generic database user IDs are employed
- Installs quickly and requires no performance-degrading “in-the-database” agents, traces or monitors
PCI Compliance Case Study
A large credit card issuer had developed a 40-terabyte consumer credit data warehouse built on Oracle 11g. The data warehouse was central to a variety of business-critical functions including credit analysis, risk assessment, card marketing and customer service. The system was accessed by hundreds of employees around the globe and contained sensitive cardholder information such as account number, social security number and other personal data.
The Ministry of the Interior for a European country manages a diverse portfolio of critical tasks from fighting crime, terrorism and corruption to addressing immigration, asylum, civil protection and airport security.
Oracle EBS HR Security Case Study
One of the world's largest diversified corporations uses Oracle's EBS Human Resources (HR) system to manage their HR processes around the globe. They use SAP BusinessObjects to deliver HR reports and analyses to more than 8,500 HR personnel worldwide. Because of the sensitive nature of HR information, access to the HR database must be carefully monitored and controlled. Only authorized users or personnel in certain roles can view specific HR information.