Information Access Security Statement for the HCM Cloud Recruiting Service
(Doc ID 2025550.1)
Last updated on SEPTEMBER 12, 2016
Applies to:Oracle Taleo Recruiting Cloud Service - Version 15A and later
Information in this document applies to any platform.
The following information is valid as of July 1, 2015
Please review the attached document for the full statement including legal disclaimers.
Customers and Industry segments (Financials, Healthcare etc.) that are sensitive to strict access and audit controls to sensitive personal information, are increasingly looking for additional capabilities to be compliant with their internal Information Security processes. Our HCM Development team and Cloud Operations are investing in Data Vault based protection for unauthorized data access from Database and System Administrators, and Virtual Private Directory (VPD) based solution for protection against SQL based access by unauthorized users.
Current Including Release 15A
Currently, Oracle Recruiting Cloud Service supports following access controls:
- Application level support to prevent access by unauthorized end users
- Data Encryption at Rest in the Database server
- There are further access controls for DB credentials. Each individual that needs access on the databases require a special privileges added to their own user account to access a bastion and there is an internal approval process that requires Cloud Security approval for them to gain that said access as well as a very restricted set of credentials to connect to the specific databases hosting the customer data. We are planning to move this as an OIM entitlement in 2017. There is no direct database access possible without these credentials.
Customers are not able to:
- Protect sensitive personal information access from unauthorized SQL access by users
- Protect sensitive personal information access from unauthorized System & Database Administrators
The following requirements are currently under evaluation for investment to support enhanced security and access control with Oracle Recruiting Cloud Service:
- Virtual Private Directory (VPD) for protecting PII (Personally Identifiable Information) data from SQL access by unauthorized users
- Data Vault based solution for protecting customer schemas from unauthorized access by Database and System Administrators
No action is required as the information provided is for informational purposes.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|Current Including Release 15A|