How To Deploy DataSafe In Five Steps Oracle DataSafe is a unified control center that helps you secure your data, monitor security compliance, and track user activity. Deploying it does not have to be a complex process. You can get DataSafe up and running to protect your cloud and on-premises databases by following these five straightforward steps. Step 1: Enable Oracle DataSafe in Your Region
Before managing any databases, you must activate the DataSafe service within your Oracle Cloud Infrastructure (OCI) tenancy. Log in to your OCI Console. Open the navigation menu and select Identity & Security. Under the DataSafe section, click Dashboard. Click the Enable DataSafe button. Select the specific regions where your databases reside. Step 2: Configure IAM Users and Permissions
Security requires proper access control, meaning you must grant your team members the correct permissions to use DataSafe. Navigate to Identity & Security and select Groups. Create a new group for your data security administrators. Go to Policies and create a new policy file.
Add statements allowing your group to manage DataSafe resources.
Add statements allowing DataSafe to access databases in your compartments. Step 3: Register Your Target Databases
DataSafe needs a secure connection to your databases to analyze them, so you must register them as targets. Go to the DataSafe menu and click Target Databases. Click Register Database and choose your database type.
Provide the database details, including the IP address and service name.
Select your preferred connectivity option, such as a private endpoint or on-premises connector.
Enter the database credentials for a dedicated DataSafe service user. Step 4: Run Assessments and Discover Sensitive Data
With your databases connected, you can now analyze your current security posture and locate risk areas. Open the DataSafe dashboard and select Security Assessment.
Run an immediate assessment to find configuration drift and weak settings.
Switch to User Assessment to review user privileges and identify critical accounts. Navigate to Data Discovery and create a data discovery job.
Execute the job using built-in templates to find sensitive data like PII or financial records. Step 5: Implement Masking and Activity Auditing
The final step is to secure your sensitive data and monitor all ongoing database activity.
Go to Data Masking to create a masking policy based on your discovery results.
Execute a masking job on your non-production environments to safely redact data.
Navigate to Activity Auditing and select your target database.
Click Retrieve Audit Policies to view available database audit configurations.
Enable the recommended audit policies and start collecting activity logs for compliance tracking.
To tailor this deployment guide for your team, please let me know:
What database type are you registering? (e.g., Autonomous, Exadata, On-Premises)
Do you need to connect using a private endpoint or an on-premises connector?
Which specific compliance regulations are you trying to meet? (e.g., GDPR, HIPAA, PCI-DSS)
I can update the steps with specific command line or console instructions based on your setup. Saved time Comprehensive Inappropriate Not working
A copy of this chat, including the images and video, will be included with your feedback A copy of this chat will be included with your feedback
Your feedback will include a copy of this chat and the image from your search
Your feedback will include a copy of this chat, any links you shared, and the image from your search.
Thanks for letting us know
Google may use account and system data to understand your feedback and improve our services, subject to our Privacy Policy and Terms of Service. For legal issues, make a legal removal request.