X

Ellison: Encryption is key to data protection

Oracle's chief also boasts about his company's security prowess while taking shots at Microsoft's efforts.

2 min read
SAN FRANCISCO--Organizations need to look more closely at how they encrypt their databases to protect against security threats, Oracle CEO Larry Ellison said Thursday.

Addressing an audience at Oracle OpenWorld here, Ellison stressed that security risks will continue to increase as more companies put business applications on the Internet.


Customers will get access to Web-based systems to check whether their orders are being processed or have been shipped, he said.

"Suppliers can also check their inventory through multiple systems on the Internet," he added. "But as you let your employees access systems from homes and branch offices around world, your security risks are increasing."

To reduce security breaches, businesses should encrypt their databases, he said.

"We encrypt the data in the database as it goes out of the wires, onto the public Internet. We also encrypt data as it comes out of disk drives and goes into the back end," he said.

Ellison recommended that companies prohibit customers from performing data backups without encryption, "because if an unencrypted (backup) CD or DVD, is lost, you've lost information."

Emphasizing the importance of encryption, he said that no company would want to face the situation where storage tapes containing unencrypted customer credit card information are lost.

And as VoIP (voice over Internet Protocol) grows in popularity, and businesses switch from traditional phone networks to converged voice-data networks, security will become even more crucial, Ellison said. "Malicious people can not only shut down your computer networks, they can also shut down your voice networks," he noted.

The CEO also boasted about his company's security prowess while taking shots at Microsoft's efforts.

"Oracle's first customer was the Central Intelligence Agency, and we've focused on security for more than 25 years," Ellison said.

"I was actually very impressed when (Microsoft Chairman) Bill Gates announced several years ago that Microsoft would devote the entire month of February to security, (but) it's a short month," he said, drawing laughter from a packed hall.

Ellison said that Oracle has had several industry security certifications from international and U.S. standards bodies since the company's early beginnings. He added that the last time the Oracle database was broken into was more than 15 years ago.

Singapore-based Aaron Tan reports for ZDNet Asia.