Q Software is Oracle’s only Certified Partner providing security Governance Risk and Compliance solutions for JD Edwards customers, and is Oracle’s selected Enterprise Security and GRC global partner for JD Edwards. Our security management solutions have been certified by Oracle and are recommended by Oracle in its white papers on achieving compliance. They are also recommended by leading audit firms. We support the JD Edwards EnterpriseOne Financial Management and Compliance Console (FMCC) development and complement it with our own comprehensive compliance reporting solutions. More than 250 customers tell us we typically cut their security costs by up to 80%. No wonder ours are the Security solutions of choice for JD Edwards customers. (less)

This commissioned Forrester Consulting case study describes how a F500 company:

Simplified database monitoring for SOX without performance impact or database changes.

Reduced DBA effort with automated reporting and an appliance-based solution (self-contained storage, preconfigured applications, SOX reports, embedded DBMS, etc.).

Captures all activities (DDL, DML, DCL, failed logins, bind values, local access, etc.).

Created a single set of audit policies and audit repository for all platforms (Oracle, SQL Server, IBM DB2) accessed via Siebel, SAP and 22 other financial systems.

Provides real-time security for unauthorized changes including data updates.

Delivered 239% ROI and 5.9 months payback compared to homegrown scripts using native logging/auditing.

(less)

The Payment Card Industry Data Security (PCI DSS) defines security measures to protect cardholder information that must be implemented by processors, merchants and service providers. Cyber-Ark’s EPV addresses the business concerns and regulatory mandates for sensitive document security by providing a centralized secure repository and sharing platform for an organization’s most highly sensitive information. Based on our patented and ICSA validated secure Digital Vault technology, the Enterprise Password Vault creates a multiple-layered information security infrastructure that is easy to use, simple to adopt and efficient to administer, all while providing the security, flexibility and detailed tracking capabilities missing from today’s plethora of one-dimensional encryption only based solutions. (less)

This white paper highlights the unique needs of midsize businesses and explores the factors driving them toward stronger identity management platforms, such as Oracle Identity Management. (less)

The growing number of high-profile data breach incidents and numerous information-intensive government and industry regulations requiring protection of personal information and corporate digital assets are forcing organizations to adopt proactive and cost-effective information protection and control (IPC) solutions. This new IDC report discusses the growing internal threats to business information, the impact of regulations on data protection, and how enterprises must adopt database security best practices to prevent theft of sensitive personal and corporate information. Learn how IDC believes that Oracle offer customers a comprehensive, integrated set of security products that address both insider threat mitigation and regulatory requirements (less)

Cyber-Ark tops field of four privilege-account management (PAM) products. Learn why with this NetworkWorld article. (less)

Oracle Advanced Security provides transparent, standards-based security that protects data on the network, on disk and on backup media. Learn how to use the Oracle Advanced Security as a key component of your defense-in-depth strategy for protecting data in transit and at rest. (less)

Auditing is playing an increasingly important role in the areas of compliance, privacy, and security. Learn how Oracle Audit Vault automates the audit collection and analysis process, turning audit data into a key security resource to help address today's security and compliance challenges. (less)

Enterprises face many challenges safeguarding data against internal and external threats and complying with data privacy regulations. This whitepaper outlines how Oracle Database 11g a comprehensive portfolio of security solutions to address these challenges. (less)

Strengthening internal controls for regulations, enforcing industry best practices, and guarding against insider threats are just a few of the challenges facing organizations in today's global economy. Controlling access to databases, applications and data requires sophisticated access controls that are enforced from within the database. Learn how Oracle Database Vault is the industry's leading solution for safeguarding data from unauthorized activity by any user, including privileged application or DBA users. (less)

Oracle Label Security can be used to address numerous operational issues related to security, compliance and privacy. Learn how label authorizations provide tremendous flexibility in making access control decisions and enforcing separation of duty. (less)

Oracle Label Security is a powerful, yet simple to use tool for classifying data. By applying labels to data, government agencies can enforce “need to know” and other data compartmentalization policies. Read this white paper to learn best practices to successfully use Oracle Label Security to restrict access to sensitive information in government and defense applications. (less)

Over the past several years enterprise IT organizations have been forced to publicly acknowledge an unsettling truth: Risk associated with insider threats far exceeds that of outsider threats. These insider threats affect organizations at many levels, serving to erode consumer trust and increase corporate costs exponentially. While identity and access management (IAM) solutions typically serve as the foundation for access control and audit, insider threat remains a critical obstacle within the IT enterprise. IDC believes that a significant portion of the insider threat problem can be alleviated by applying a specialized subset of IAM technologies, a privileged identity management (PIM) platform. (less)

This article argues for the establishment of a Central Substance database within an organization to meet the growing regulatory and compliance requirements associated with chemical based finished goods. Many ERP and legacy based solutions are well equipped to handle product based information, however the establishment of component based data, integrated with regulatory content can be lacking. Integrating a solution that can seamlessly interact with your ERP solution, while maintaining the component (ingredient) based regulatory data is essential for complying with regulations around the globe. (less)

It’s the single most overlooked gap in enterprise security. Either you don’t know about it, you don’t know what to do about it or you think there is no solution short of magic. Unless you’ve been living in a cave or you’re completely irresponsible, you’ve got security for your logical systems, applications and databases. You’ve got more security for your physical locations. And, if you’re diligent in regulatory compliance, you’ve got environmental health and safety covered too. Congratulations…maybe. (less)