Cloud Security Perspectives and Insights

Why Oracle Cloud Infrastructure Security Is a Cut Above

Farah Mithani
Digital Marketing Specialist

As companies transition to the cloud for greater speed and agility, they’re also starting to see security as a cloud benefit rather than a risk. According to the Oracle and KPMG Cloud Threat Report 2019, 73% of survey respondents indicated the cloud offers a more secure environment than they can provide on premise.

This perception has resulted in continued and growing cloud adoption and a willingness to put sensitive information in the cloud. Again, in the Oracle and KPMG Cloud Threat Report 2019, 71% of respondents reported that the majority of their cloud-resident data is sensitive. That’s up from 50% in 2018. But with today’s larger and more diversified threat landscape, businesses need to be absolutely sure of the depth of their security before they trust the cloud with such important workloads. At Oracle, we anticipated this need and built our cloud from the ground up to address it.

In our Gen 2 cloud, security is built-in rather than bolted on. This approach makes Oracle Cloud Infrastructure the best place for mission-critical workloads because of its security-by-design approach and its automated and always-on security controls, as well as multiple layers of defense, or defense in depth.

Oracle’s past innovations have paved the way for us to deliver a modern public cloud built for the world’s most security-intense data. We’ve taken a security-centric approach from day one. We initially built our namesake project, the Oracle Database, for the CIA in the late 1970s. Throughout our history, from our on-premise databases to our applications, security has always been a top priority. Today, Oracle Cloud Infrastructure’s built-in security spans edge services, monitoring, virtual networks, instances, data, and identity.

Oracle Cloud Infrastructure’s architecture also provides better protection than Gen 1 clouds through key design principles, such as its isolated network virtualization. Some Gen 1 clouds are vulnerable to lateral attacks due to hypervisor breakout. A bad actor can gain access to a virtual machine and move laterally to find high value targets and data to steal. With Gen 2 clouds, the same attacker is moated off on the host with nowhere to go. The hardened “isolated” network virtualization layer makes takeover impossible and the threat is contained on the original server.

While isolated network virtualization is foundational to Oracle Cloud Infrastructure security, it’s by no means its only differentiating element.  Security controls, including web application firewall, key management systems, and monitoring and mitigation services, provide layered defenses which span the full stack of cloud deployment protection requirements. Across all of these data layers is identity, making sure the right people get the right access to data at the right time.

But perhaps the biggest proof point for Oracle security are the customers that trust us with their business’ most important data. One company’s journey to Oracle Gen 2 Cloud Infrastructure is a great testament to Oracle’s expansive security capabilities. This regulatory technology company needed to migrate its SaaS-based platform to a cloud platform to improve provisioning times, but it didn’t want to compromise security. The company also wanted to do a better job of protecting its network edge and gain greater visibility into the types of cyber threats targeting its internet-facing SaaS platform. Oracle Gen 2 Cloud Infrastructure helped this company overcome these challenges with several key capabilities. Oracle’s unique ability to secure the SaaS platform before, during, and after the migration with a cloud-based and fully managed Web Application Firewall (WAF), DDoS Protection, and API Protection from the Oracle Web Application Security Suite were key ways Oracle helped strengthen the company’s cloud security posture.

Security continues to be a priority as more companies seek to move their mission-critical applications to the cloud. When companies are ready to make that transition, Oracle Cloud Infrastructure will be there with built-in security features, multiple layers of defense in depth, and decades of expertise in security to support our customers. To learn more about the other benefits of Oracle Cloud Infrastructure, you can access our OCI Security whitepaper and infographic.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.