Because Oracle Database is used to store critical data, it is frequently the target of attacks, from both inside and outside the organization. Any malicious action, such as the deletion of an important table or a change to a role, can have important consequences, from poor database performance to data exfiltration, which can lead to business losses and reputational damage. Enforcing a proper Oracle 12c audit policy and maintaining a complete Oracle 12c audit trail are essential for ensuring data security and passing compliance audits.
Establishing an Oracle 12c audit policy that serves both your internal security needs and all compliance requirements your organization is subject to can be a challenge. Here are just some of components of DBMS audit that need close attention:
Version 12c of Oracle Database introduced unified auditing. The biggest change from the previous audit options is the consistency of audit data. With the consolidated Oracle 12c unified audit trail, all the audit records are stored in a new schema, which makes it easier to access them. Allowing access based on roles, such as audit admin and audit viewer, helps you enforce the least-privilege principle. Predefined unified audit policies help you concentrate on common security concerns, such as failed activity, modifications to instance configuration and data deletion. However, to handle other needs, such as granular monitoring of SYS users, you might have to write a script to create a new policy.
While native auditing tools in Oracle 12c enable some visibility into what’s going on with your business-critical data, they come with important limitations. Netwrix Auditor for Oracle Database enables you to overcome those limitations: