1.4 Example Use Cases for Oracle Data Redaction
Oracle Data Redaction addresses common use case scenarios.
1.4.1 Oracle Data Redaction for Sensitive Data in Read-Only Static Pages
Oracle Data Redaction enables you to redact sensitive data in application screens that have read-only static pages, such as dashboards and reports.
You can define a redaction policy on sensitive columns so that the data is redacted before it is passed to the application. Because the pages are for static display only, and data is not posted back to the database, redacted data would not be written back to the database and potentially corrupt records.
1.4.2 Oracle Data Redaction for Preventing Data Exposure by Management Tools
Oracle Data Redaction prevents sensitive data from being exposed by data management tools, such as tools for loading and viewing data.
Many applications include tools that enable users to load and manage their data. An example could be a SaaS application that allows subscribers to bulk load and manage customer information. You can define a redaction policy on the sensitive data so that it is redacted when it is displayed to these users as they perform these administrative activities.
1.4.3 Oracle Data Redaction to Prevent Disclosure of Data from Offline Analytics
Oracle Data Redaction prevents the disclosure of sensitive data to users who perform offline analytics on production data.
Oracle Data Redaction can be used to prevent the exposure of sensitive information to users who perform analytics on data that is contained in a data warehouse. You can define a redaction policy on sensitive data so that it is redacted as it is retrieved from the database and displayed to the user of the analytics software.
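The policy definition that sections 1.4.1 through 1.4.3 refer to can look like the following. This is an added example, not taken from the Oracle documentation; the schema APP, the table CUSTOMERS, the account REPORT_USER, and the sample row are hypothetical, and the session is assumed to have EXECUTE on DBMS_REDACT.

```sql
-- Hypothetical schema, table, and account names; the sample row is constructed.
CREATE TABLE app.customers (
  customer_id NUMBER PRIMARY KEY,
  full_name   VARCHAR2(100),
  ssn         VARCHAR2(11),    -- stored as NNN-NN-NNNN
  email       VARCHAR2(254)
);
INSERT INTO app.customers
  VALUES (1, 'Test Customer', '123-45-6789', 'test@example.com');
COMMIT;

BEGIN
  -- Partial redaction: mask the first five SSN digits, but only when the
  -- query runs as the reporting/analytics account. Other sessions see real data.
  DBMS_REDACT.ADD_POLICY(
    object_schema       => 'APP',
    object_name         => 'CUSTOMERS',
    policy_name         => 'redact_customer_pii',
    column_name         => 'SSN',
    function_type       => DBMS_REDACT.PARTIAL,
    function_parameters => DBMS_REDACT.REDACT_US_SSN_F5,
    expression          => 'SYS_CONTEXT(''USERENV'',''SESSION_USER'') = ''REPORT_USER''');

  -- A table carries a single redaction policy, so further sensitive
  -- columns are added to the existing policy rather than to a new one.
  DBMS_REDACT.ALTER_POLICY(
    object_schema => 'APP',
    object_name   => 'CUSTOMERS',
    policy_name   => 'redact_customer_pii',
    action        => DBMS_REDACT.ADD_COLUMN,
    column_name   => 'EMAIL',
    function_type => DBMS_REDACT.FULL);
END;
/

-- Review what is in force: the policy condition and each redacted column.
SELECT object_owner, object_name, policy_name, expression, enable
  FROM redaction_policies
 WHERE object_name = 'CUSTOMERS';

SELECT column_name, function_type, function_parameters
  FROM redaction_columns
 WHERE object_name = 'CUSTOMERS';
```

Because the policy is evaluated as rows are returned, the stored values are unchanged; only the result set delivered to sessions matching the expression is redacted.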
1.4.4 Oracle Data Redaction with Ad Hoc Database Queries Considerations
You may encounter situations where it is convenient to redact sensitive data for ad hoc queries that are performed by database users.
For example, in the course of supporting a production application, a user may need to run ad hoc database queries to troubleshoot and fix an urgent problem with the application. Even though Oracle Data Redaction is not designed to prevent data exposure to database users who run ad hoc queries directly against the database, it can provide an additional layer to reduce the chances of accidental data exposure. Because such users may have rights to change data, alter the database schema, and circumvent the SQL query interface entirely, it is possible for a malicious user to bypass Data Redaction policies in certain circumstances.
Be aware that Data Redaction does not place any restriction on the WHERE clause of ad hoc SQL, so the WHERE clause can be used in an iterative fashion to infer the actual data even when there is a Data Redaction policy on the queried column and only the redacted value is displayed.
Remember that the Oracle Database security tools are designed to be used together to improve overall security. By deploying one or more of these tools as a complement to Oracle Data Redaction, you can improve your overall security posture.