Protecting your data while it resides on DISK is critical. For example, if you have DBF files for your TABLES and INDEXES, you should probably encrypt those.
But what about your backups, or exports?
Data Pump has supported Encryption since at least 11g.
And now with Oracle SQL Developer 19.4, it’s very easy to create encrypted EXPORTs and read those back in via IMPORTs.
Data Pump encryption features require that the Oracle Advanced Security option be enabled.https://docs.oracle.com/en/database/oracle/oracle-database/19/dblic/Licensing-Information.html#GUID-AB56CEE3-955E-4E56-8B44-6075E889C283
Don’t forget to supply your password before trying to read the DMP file, or you’ll see something like this –
Easy to fix, assuming you know the magic word. Just go back a screen…
Then clicking next, we’ll attempt to read the DMP file so you can see what’s inside of it:
And if we look at the underlying PL/SQL block…
dbms_datapump.set_parameter(handle => h1, name => 'ENCRYPTION_PASSWORD', VALUE => :ENCRYPTIONBIND );
This feature enhancement courtesy our user community!
In particular via Oracle ACE Director Rob Lockard – Rob requested this feature earlier last year. He wrote a book on the topic of Database Security with another ACE Director, so if you’re interested in learning more about security in general with Oracle Database, you might want to give it a look-see. I haven’t read this book yet, so I wouldn’t call this an endorsement, but I CAN endorse both Rob and Osama’s Oracle credentials and excellence overall.