Learn how businesses like yours can begin to optimize for today and plan for tomorrow with Cloud-Ready IT Infrastructure

  • October 18, 2018

The Three Layers of Defense with Oracle Cloud at Customer Solutions

Maywun Wong
Director, Product Marketing

An enterprise can receive up to 17,000 security alerts each week but investigate only a fraction of them. Companies are finding it nearly impossible for their security teams to keep up, and they’ve realized that throwing more people at the problem isn’t the answer. Companies want security that’s built into their cloud products so that they can rest assured that their security is strong enough.

While a Gartner study estimates that more than half of all enterprises will implement an all-in-cloud strategy by 2025, not all companies are ready or able to move to a public cloud environment. For instance, many companies need to maintain data in their own data center for regulatory or latency issues. For these businesses, the traditional public cloud is not the only option.

Oracle’s Cloud at Customer portfolio is a unique cloud delivery model that offers the benefits and built-in security processes, expertise, and technology of Oracle’s public cloud while allowing you to stay in control of data security behind your own firewall.

Among the most important benefits of any Oracle Cloud deployment is data security. Oracle Cloud operates under a shared responsibility model that builds security in at every layer. All cloud solutions come with extensive, continual security measures so that you can focus on extracting value from your cloud-based data instead of how to protect that data. With all Oracle Cloud platforms providing the same security assurances and continued protections, Cloud at Customer users realize the same level of security as the public Oracle Cloud customers.

Let’s look at some of the security measures you should consider if you’re planning a move to the cloud, and how Oracle approaches cloud security to maintain the highest level of protection—for private and public cloud users alike.

Your First Layer of Defense: Keep Patches Up to Date Without the Upkeep

With so many security alerts, it’s little wonder internal security teams are struggling. In our own research on cloud threats, we found that 86% of firms felt unable to “collect and analyze” the vast majority of their security event data at scale.

As a result, 85% of security breaches occur where a patch was available but not implemented. Security teams need a patching strategy that ensures patches are implemented on a regular basis.

Because of Oracle’s shared responsibility approach, via our Patch Update Program, Cloud at Customer is maintained, patched, and upgraded by Oracle. We deploy patches quarterly along with critical software updates.

Your Second Layer of Defense: Take a Hybrid Approach to Your Security Solutions

When it comes to cloud deployments, enterprises are increasingly maintaining a mix of public cloud, private cloud, and on-premises infrastructure for their databases, applications, and workloads. But all these workloads must be able to communicate with each other and be protected as one integrated system.

Oracle Cloud Security Solutions allow you to manage your hybrid environment under one security umbrella. This  suite of four tools that prevent, detect, respond to, and predict threats across public and private cloud and on-premises databases:

  • Cloud Access Security Broker (CASB) is a cloud-based security broker and automation tool that works across your entire technology stack to provide increased visibility, detect threats, and automate responses to enhance the security of corporate data.
  • Oracle’s Identity Cloud Service offers a secure single sign-on solution for on-premises, Oracle Cloud, and Cloud at Customer networks.
  • Our Security Monitoring and Analytics (SMA) cloud service works 24/7 to detect, investigate, and remediate security threats across your networks.
  • Configuration and Compliance Service is especially useful for Cloud at Customer users to monitor and address compliance issues using industry benchmarks and your own compliance rules.

Available as separate products or as a suite, these solutions work alongside the native security functions built into all Oracle applications and infrastructure solutions.

Your Third Layer of Defense: Take a Holistic Approach to Cloud Security

At Oracle, we believe security should be a holistic and continuous process involving four tiers: physical, technical, process, and people.

Physical and Access Control: One of the benefits of Cloud at Customer is that you control your data’s location and physical security within your own data center. But this isn’t the end of the story for physical cloud security.

Because Cloud at Customer is an extension of Oracle’s public cloud, the cloud operations are managed the same way as in the Oracle data center, but remotely. Therefore, it is important that cloud environments like Oracle’s undergo regular maintenance of their security configurations. A well-managed environment ensures that authorized people have access to sensitive data, and unauthorized people do not.

As a Cloud at Customer user, you benefit from the remote Oracle Cloud Operations team’s physical security access, as well as your ability to control security in your own data center. 

Technology: Security can’t be an afterthought when designing a database or application. All technology that touches the cloud needs to be built thoughtfully to safeguard against common security loopholes.

Like the rest of Oracle Cloud, Cloud at Customer was built using strict secure coding standards designed to push security down your stack across your IaaS, PaaS, and SaaS tools. It can all be connected under a single dashboard by integrating your current systems with Oracle Security solutions.

Process: Cloud security isn’t just about configuring a database or designing a tool—it’s a continuous process. With more cyberattacks occurring each year, security monitoring is a rising issue for most enterprises.

We help you protect your data using continuous security measures, such as scheduled patching and 24/7 monitoring.

People: One of the most common causes of security breaches is a lack of training on cybersecurity issues. In our most recent cyber threats survey, we discovered that only 43% of organizations could identify the most common IaaS shared responsibility model.

At Oracle, all of our cloud service employees are certified through OSSA and use industry-specific best practices to develop and maintain our solutions. But we can also train your employees to be OSSA certified.

Choosing between on-premises and public cloud infrastructures shouldn’t be a matter of security. Oracle builds all of its products so that you can focus on the benefits of each solution instead of how to protect it. The security available with Oracle’s Cloud at Customer offerings allows you to adopt all the security best practices of Oracle Cloud while maintaining the security within your own data center. 

Discover more about how Oracle Cloud at Customer and Oracle Cloud Security Solutions give you security and control. And follow us at @Infrastructure@Exadata, and @OracleSecurity for all the latest announcements and insights.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.