What is Your Cloud Security Forecast?
By Tanu Sood-Oracle on Apr 24, 2013
Photo courtesy: www.cloudtweaks.comYou don’t like losing control – that is human nature. In your personal life or professional – whether you are an IT architect, a manager, developer, a DBA or an executive, you never like losing control or not knowing a situation or an outcome. But a cloud deployment is exactly that – where you don’t have a 100% control over or insight into the security framework that govern your applications or data in the cloud.
The problem is further exacerbated with latency and fragmentation. If it is not the same security policies that govern your enterprise infrastructure and your cloud deployment, duplicating security policy data in multiple places will complicate policy enforcement. Fragmentation, in turn, creates latency where a change in the system is not detected or acted upon immediately making your cloud systems vulnerable. If, for example, your employee changes jobs, unless the HR system is immediately able to trigger a revocation alert/workflow across all the applications and systems – both in-house and in the cloud, you may have inadvertently allowed unauthorized (and potentially damaging) access to your applications and data.
Of course, then there is audit and compliance. If you are a financial institution your cloud has to provide reporting to address the BASEL 2 requirements or you will incur financial penalties. If your cloud hosts your General Ledger – your cloud has to provide Sarbanes Oxley (SOX) certification. If your customers are in Europe, your cloud has to comply with the European data privacy directive. How do organizations, such as yours, provide timely compliance reporting and remediation if you don’t have visibility or if recent actions aren’t immediately recorded. Fragmentation and latency, thus, impact audit and compliance reporting. Simply put, if you don’t know about it, you can’t accurately report on it.
So, if fragmentation and latency are the issues, a standardized platform must be the antidote! Having a complete, standardized security and identity management platform will allow you to enforce uniform security policies across all your resources – on-premise or hosted. A platform approach implies seamless integration within components thereby getting rid of security and identity silos. A platform approach implies interoperability so that the framework works for your complete heterogeneous infrastructure. A platform approach affords scalability- you can support thousands or millions of users across the myriad of resources. You can scale to what the new digital experience requires!
Thanks to Oracle’s large and advanced customer base, the company realized the rationale for the platform approach to Security and Identity Management early on. Oracle offers the industry’s first Identity Management platform that is proven to be extensible enough to support your internet scale.
Learn more about Oracle’s platform approach to Identity Management and how you can leverage Identity services at internet scale. Download the free whitepaper today.
And for more information and resources, visit Oracle Identity Management on oracle.com today.