Securing sensitive data with Oracle VPD

Customer March 1, 2021 at 4:34 pm

We need assurance that when end-users run reports via Blitz Report, especially custom SQL reports accessing core EBS tables, our existing Oracle Virtual Private Database (VPD) policies are strictly enforced to prevent unauthorized data access.

Viewing 10 reply threads

Author
Replies
- Support March 3, 2021 at 1:16 am
  Blitz Report is designed to integrate seamlessly with the native Oracle security architecture, ensuring that VPD policies are respected. You can explicitly control what tables Blitz Report can access by utilizing standard Oracle Virtual Private Database (VPD) security policies.
- Customer March 3, 2021 at 2:04 pm
  Does this enforcement cover both limiting the rows a user can see (like organization access) and restricting specific columns (like salary data)?
- Support March 5, 2021 at 6:36 am
  Yes, VPD allows for granularity in security implementation. This includes enforcement at both the row level and column level. When a report is executed via Blitz Report, the underlying database session adheres to the security predicate established by the VPD policy attached to the targeted table.
- Customer March 7, 2021 at 6:30 am
  If we rely on VPD for security, does the reporting tool need any separate configuration or security layer built on top of the EBS permissions framework?
- Support March 7, 2021 at 11:58 pm
  No, Blitz Report does not override the Oracle security model. It leverages standard EBS security functionalities, such as assigning reports to specific responsibilities. The crucial data access security (VPD) is enforced at the database layer by Oracle itself, ensuring the reporting tool only sees data the user is authorized for.
- Customer March 9, 2021 at 4:29 am
  We are also implementing logging of all user activities for compliance purposes. Can Blitz Report assist in auditing the reports run by users?
- Support March 10, 2021 at 5:33 pm
  The tool supports high compliance standards, relevant for auditing. Furthermore, when running reports, detailed metadata is maintained, and custom reports retain full version control with audit comments with every migration, providing inherent traceability of the reporting asset itself.
- Customer March 12, 2021 at 10:04 am
  We noticed that using BI Publisher for exports sometimes exposes sensitive configuration data in interim files. Does Blitz Report mitigate this risk during mass data exports?
- Support March 14, 2021 at 1:06 am
  Blitz Report processes data efficiently and outputs directly to native Excel files. It is specifically used within the project and upgrade toolkit for safely exporting master data, implying a secure handling of high-volume data extracts which are essential for audits and compliance.
- Customer March 14, 2021 at 10:28 pm
  Are there any specific modules where VPD is most critical when utilizing Blitz Report?
- Support March 15, 2021 at 9:33 am
  VPD is relevant across any module handling sensitive data, such as HR (e.g., Absence Visualization reports) , Payroll (e.g., Payroll Balance Listing) , and Financials. Since Blitz Report supports all these areas, proper VPD setup is vital to ensure only authorized personnel access relevant payroll or sensitive employee data.
Author
Replies