Cloud Security Perspectives and Insights

Gain Visibility Into Your Environment with the Oracle Cloud Security Assessment Tool

Mike Hoyman
Master Principal Sales Consultant

Did you know Oracle has one of the biggest security practices in the United States? 

When you think about breach remediation, your first thoughts may be FireEye or PwC, but the reality is, once you get past the network tier, Oracle takes over because our technologies are usually in place in the Web, Application and the database tiers. In the end, hackers are after data in databases.  Many times, hackers are not even attacking your systems; they are hacking your people.  Do you think your employees are up to the task to stop a cyberattack? If hackers can penetrate the most secure organizations in the world, then they no doubt circumvent your organization’s security controls to get inside of your company.

As companies continue to battle against attacks, Oracle is working to provide customers with solutions to strengthen security. One valuable service Oracle provides is the Database Security Risk Assessment (DBRA) where we will ensure you are configuring your databases to reduce security risks.  We will also demonstrate how a threat actor could potentially hack your organization.  We have been providing this service for the last 7 years and it is a very mature program. 

Along with the DBRA, Oracle provides the Cloud Security Assessment (CSA) which extends the DBRA into your Cloud Platform. In a Cloud Security Assessment, we will evaluate your current cloud security posture.   Leveraging our Cloud Access Security Broker (CASB) and Oracle Management Cloud (OMC), we can calculate a risk score for every user accessing your Cloud environment to give you visibility into who is accessing your Cloud environment and what actions they are taking. We can also give you insights into the health of your infrastructure and understand the patterns of your workload and what to expect in the future in terms of performance and reliability.

Your security responsibilities will differ depending on your SaaS, PaaS or IaaS deployment.  Various public clouds have different security capabilities, it is important to understand what you are receiving from a cloud service provider (CSP). The following questions are important to consider when selecting a CSP and while evaluating your environment:

  •  Does your CSP encrypt data at rest and in-flight?
  • Do they offer both stateful and stateless firewalls?
  • Do you have a Firewall in front of your Systems?  A Stateful Firewall? 
  • Can you implement Network Address Transaction (NAT)? 
  • Have you implemented multi-factor authentication?


As an Oracle customer, the first step is to download the DBRA. Once enrolled, we can provide you with a report on your environment detailing the following 6 domains: data privacy, controlling access to data, systems health, user management, configuration and auditability/visibility. How do you feel about your Cloud Security Architecture?  As shown in the image above, do you think the dials of your report will be all green, indicating low risk?  If not, schedule a Cloud Security Assessment and improve your security to where it needs to be.  It's free program for Oracle customers and takes about 2 days of your time.  

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.