The Reserve Bank of India (RBI) has set up guidelines for banks to avoid risks related to database administrator (DBA) access and control. To help the banking and finance sector, they will now be able to use the Oracle Security and Compliance Solution, to meet standard guidelines.
Vipin Samar, vice president of the Database Security Engineering group at Oracle, said that the new application will help banks accurately assess levels of data security, encryption and also help in auditing. Today, when most banks are using computerised process for greater efficiency and faster operations, not to mention far flung operations, such solutions have become imperative. Most banks now have stock centralised with all the sensitive data stored in one datacentre.
The guidelines issued by the RBI are a constructive step that gives a prescriptive overview of what steps bank should take to secure the data they hold, he said. For example, RBI has specific guidelines regarding access and control of DBAs, setting out what data they can access. Today, most of the bank operations are managed by the DBA, and many people within the bank hold access to information. The RBI guidelines state that there should be control over DBAs, it should be clear who has access to data and there should be proper separation of duties. This is when the security solution from Oracle can be implemented by banks, he says. Oracle Database Work, the security solution, divides duties of work into two distinct categories — one is managing the stored data and second securing this data. Oracle's Database Work application filters and limits DBA data access.
Oracle is targeting all kinds of banks across India and the only criterion for banks to be able to implement the application is that they should use an Oracle database. However, Vipin Samar is confident that most banks would be compatible with the security solution as more than 80 percent of the existing banks already use Oracle database, he said.