The massive—and still-growing—amount of information in corporate databases means that mission-critical applications are ripe targets for hackers and other bad actors. With more databases now developed, deployed and managed in the cloud, it’s imperative that you collaborate with cloud providers to protect those databases.
Organizations have several important opportunities to provide robust security for their database workloads, whether in the cloud or in their own data centers. For instance, the zero trust security model—predicated on the notion that devices and users are not automatically trusted as authentic and allowable but instead must always be authenticated and verified—is now widely adopted by enterprises around the world. Also, the shared-responsibility model of cloud security has evolved into an industry standard, with cloud service providers responsible for securing the cloud infrastructure and their customers responsible for securing their data and applications.
Many organizations have felt squeezed by what they see as major drawbacks in moving all database workloads to the cloud, with concerns over security, control, data sovereignty and governance policies that prevent them from running crucial databases in a public cloud environment. Organizations also are rightly concerned about the well-publicized cybersecurity skills gap, with a reported 4 million as-yet-unfilled positions globally.
More often, enterprises are looking for the best of both worlds: the flexibility and agility of a cloud computing model, combined with the security and data protection of traditional on-premises environments.
Oracle Brings the Cloud to the Customer
Oracle Exadata Cloud@Customer has enhanced cloud security for databases and delivers cloud database infrastructure for your mission-critical applications in your data center. To address the strictest legal, regulatory and risk requirements organizations may be subject to, Oracle developed Operator Access Control for Exadata Cloud@Customer running both Oracle Database and Autonomous Database services. Operator Access Control provides your IT teams with the preventive, detective and responsive controls needed to govern how and when your systems are accessed.
To help keep your Exadata Cloud@Customer secure, Oracle implements security controls for the people, processes and technology that manage this service in your data center. Oracle Infrastructure access control practices for Oracle Operators is an important part of Exadata Cloud@Customer. Oracle policies for access control are based on:
- Least privilege: Is access restricted to only those resources and information required for a legitimate business purpose?
- Default-deny: This is a network-oriented approach that implicitly denies the transmission of all traffic and then specifically allows only required traffic based on protocol, port, source and destination.
- Need to know: Does the user require this access for their job function?
- Segregation of duties: Will the access result in a conflict of interest?
KuppingerCole: Finding a Setting Worthy of Your “Crown Jewels”
This paper explains how to find the right database that will allow you to unlock the true value of your data by providing easy access to the data while ensuring it is properly regulated and secured.
Download NowWith Operator Access Control, you gain the controls Oracle developed by collaborating with banks, government agencies, defense contractors and energy companies so you can quickly adopt proven cloud security technology. As a result, you get to control who accesses the infrastructure in your data center, when and for how long they can access it, and what they can do—plus the ability to monitor and log every keystroke as well as immediately terminate access.
Built upon 3rd Gen IntelÒ XeonÒ Scalable Processors, Exadata Cloud@Customer infrastructure includes robust security firewalls that automatically detect and protect against a wide range of security attacks. Exadata Cloud@Customer is designed with a multi-layered security framework that actively and simultaneously protects against a wide range of threats.
By deploying Exadata Cloud@Customer in your data center and taking advantage of security features integrated throughout the solution stack, your organization can maintain data sovereignty and control over its data and meet strict regulations on who can access the infrastructure mission-critical databases are running on.
For more information on Exadata Cloud@Customer, please click here.
