Data Security

The Oracle E-Business Suite applications often contain personal identification information (PII), social security, or credit card numbers that must be protected.

KBACE has identified and documented standard operating procedures (SOPs) surrounding the separation of duty for its own staff. KBACE has implemented Oracle 11g Database Vault to enforce the separation of duties and secure information from highly privileged users.

Oracle Database Vault transparently defends against unauthorized access to application data in addition to intentional or accidental harmful database changes by any users - even privileged users with full administrator rights. This takes into consideration multiple factors such as the time of day, authentication, application, and more.

Oracle Database Vault monitors activity inside the database and enforces real-time preventive controls and can be used to enforce separation of duties within the database. for example, blocking access to sensitive application data while permitting a Database Administrator (DBA) to perform key day-to-day operations.

Application Security

KBACE leverages the multi-tenancy feature of the Oracle E-Business Suite Release 12, enabling the support of multiple clients on a single software instance.

Oracle HRMS multi-tenant functionality uses the built-in security policy and infrastructure of Oracle Label Security (OLS) to secure and manage data of multiple tenants.

OLS enables row-level access control based on the virtual private database technology of Oracle database Enterprise Edition. OLS controls access to the contents of a row by comparing that row’s label with a user’s label and privileges.

The following Oracle E-Business HCM products have been enhanced to meet the multi-tenant functionality requirements:

  • Oracle HRMS
  • Oracle Payroll
  • Oracle iRecruitment
  • Oracle Performance Management
  • Oracle Approvals Management
KBACE Mentor :: Subscription-Based HCM Software Security
Secure Software as a Service for HR

There are no compromises when it comes to security

KBACE implements best-practice measures to protect its Data Centers, Data, and Applications to ensure that no information is compromised in any way, providing secure, uninterrupted services to all clients.

Download KBACE Mentor Security Datasheet Download the KBACE Mentor Security Datasheet

Data Center Security

All data centers are engineered to the standards required to support the Zero-Downtime Network™. They are designed and maintained without compromise for security or redundancy.

Physical Security

Keycard protocols, biometric scanning protocols, and around-the-clock interior and exterior surveillance monitor access to every one of our data centers. Only authorized data center personnel are granted access credentials to our data centers. No one else can enter the production area of the datacenter without prior clearance and an appropriate escort. Every data center employee undergoes multiple and thorough background security checks before they're hired. All our servers are configured to exchange data on a SSL based connection with clients.

SAS 70 Type II

KBACE has processes and safeguards in place designed to protect the assets and data you entrust us with. Therefore, we view a SAS 70 Type II examination as a necessity. A service auditor's examination performed in accordance with SAS No. 70 ("SAS 70 Audit") is widely recognized, because it represents that a service organization has been through an in-depth audit of their control objectives and control activities, which often include controls over information technology and related processes.

Redundancy and Expertise

  • Every data center’s Heating Ventilation Air Conditioning (HVAC) system is N+1 redundant. This ensures that a duplicate system immediately comes online should there be an HVAC system failure.
  • Should a total utility power outage ever occur, all of the data centers’ power systems are designed to run uninterrupted, with every server receiving conditioned Uninterruptible Power Supply (UPS) power. For any extended utility power outages, routinely tested, on-site diesel generators are available and can run indefinitely.
  • Within KBACE Data Centers, only fully redundant, enterprise-class routing equipment is used. Additionally, fiber carriers enter our data centers at disparate points to guard against service failure.
  • Our Certified Technicians are trained to the highest industry standards. KBACE requires that the networking, security, and database administration teams working in our data centers are certified. We also require that they be thoroughly experienced in managing and monitoring enterprise-level networks, systems, and Oracle Application environments.

Global Data Centers

Global Data Centers

North America

  • San Antonio, TX
  • Dallas, TX
  • Herndon, VA
  • Ashburn, VA

Europe

  • Slough, UK
  • London, UK

Asia

  • Hong Kong

Business Continuity

KBACE has implemented various measures to deliver total peace of mind by reducing your risk and restoring your data as quickly and completely as possible. It’s all about ensuring the continuity of your business operations without you having to do much of anything - including worrying.

  • 99% uptime (excluding scheduled maintenance)
  • Redundant Network equipment and Internet Services
  • Diskless Servers to boot from Network Attached Storage (NAS) provides faster replacement of servers in case of a failure
  • RAID5+1 storage configurations
  • Multi-tiered Oracle E-Business Suite environment
  • Oracle database configured with Flashback recovery options and RMAN backups
  • Routinely tested Oracle Data Guard solution for site-to-site failover during a man-made or natural disaster at the primary site
Download KBACE Mentor Security Datasheet Download the KBACE Mentor Security Datasheet