Secure Defense in Depth using IDCS
This is the fourth of a four-part series of blogs that started with an
overview of Identity Cloud Service and is now focused on providing more
insights into each of the key pillars upon which IDCS is designed – Hybrid
Identity, Open & Standards based, and Secure Defense in Depth.
Last week, I wrote about Open
and Standards based Integration and how enterprises can benefit from open
standards and an API-rich Identity platform for integrating with cloud
Among all concerns enterprises have in moving applications and
workloads to the cloud, Security remains the foremost. Both data at rest as
well as data in transit need to be encrypted with enterprise-class key
management to maintain security of enterprise data in the cloud.
IDCS is a cloud-native, identity and security, multi-tenant platform
designed to provide a full set of Identity Access Management and Governance
capabilities. It includes a set of rich access control policies to allow or
grant access to applications. With a full set of API capabilities matching
every available product feature, IDCS allows application developers to
integrate identities easily into their application logic. As the IDCS platform
becomes richer with additional capabilities, developers will continually get
additional capabilities to seamlessly integrate into their applications.
Finally, IDCS benefits from the layered
security of the Oracle Cloud, gaining from a rich set of data security and
preventing controls. IDCS uses Oracle Transparent Data Encryption (TDE), which
automatically encrypts all customer information in the cloud including sensitive
data such as identity records, policies and audit log information. IDCS also protects
each customer’s data using database schema isolation, thereby adding a layer of
segregation of each customer’s data from other customers that share the
One of the benefits of IDCS being a native Oracle Cloud service is that
it is tightly integrated with the operational and technical aspects of Oracle’s
data security. Compared to general-purpose application stacks that run on an
independent Infrastructure or Platform, this single vendor approach strengthens
We look forward to seeing you at Oracle OpenWorld! Do check
out the Identity sessions as well as cool product demos at our booth.