Verify if the Oracle database have been encrypted

book

Article ID: 159901

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

This article deals with finding out if Oracle Transparent Data Encryption is being used in a database.

Resolution

Oracle Transparent Data Encryption is Oracle's internal encryption offering.  Use of this feature has NOT been certified by Symantec DLP.

Data within a database can be encrypted using any one of the many encryption methods available.  What gets encrypted can be scaled from a single column within a table to the entire database and associated backups.

Use of Oracle Transparent Data Encryption is currently (27-JUN-2012) not certified by Symantec DLP Technical Support.

Using a discover scan to scan an encrypted Oracle database can only be facilitated if and only if the appropriate connectivity is provided.  This may involve the use of external objects, like an Oracle "Wallet".  This has not been certified by Symantec DLP.

To find out if a database is using Oracle Transparent Data Encryption, and what has been encrypted, do the following:

1) Log into SQLPlus as sys as sysdba,

2) execute the following statement:

SELECT * FROM DBA_ENCRYPTED_COLUMNS;

 

This will return a record for each column within the database that has been encrypted including the tablename, owner, columnname and encryption algorithm.