Oracle has announced the availability of Oracle Cloud Guard and Oracle Maximum Security Zones. With Oracle Maximum Security Zones, Oracle is the first public cloud provider to activate security policy enforcement of best practices automatically from day one so customers can prevent misconfiguration errors and deploy workloads securely. For day-to-day operations, Oracle Cloud Guard continuously monitors configurations and activities to identify threats and automatically acts to remediate them across all Oracle Cloud global regions. With these capabilities, Oracle is the only cloud service provider to offer a cloud security posture management dashboard at no additional cost, with numerous pre-built tools that automate response to reduce customer risk quickly and efficiently. Get started here.
Companies are moving more business-critical workloads to the cloud than ever before. The increase in cloud adoption has created new security “blind spots” that have contributed to more than 200 breaches over the past two years, exposing more than 30 billion recordsi. Gartner forecasts that “through 2025, 99 percent of cloud security failures will be the customer’s faultii.” Cloud users and administrators are now expected to know how cloud security services work, configure them correctly, and maintain their cloud deployments. Organizations that have experienced data breaches due to misconfigurations have suffered brand damage, recovery costs and fines. Oracle Maximum Security Zones and Oracle Cloud Guard embed decades of enterprise security expertise and best practices into the Oracle public cloud in an autonomous fashion, accelerating customers’ ability to ramp up to their cloud estate securely from inception.
“Security has been a critical design consideration across Oracle Cloud for years. We believe security should be foundational and built in, and customers shouldn’t be forced to make tradeoffs between security and cost,” said Clay Magouyrk, executive vice president, Oracle Cloud Infrastructure. “With Oracle Cloud Guard and Oracle Maximum Security Zones’ security automation and embedded expertise, customers can feel confident running their business-critical workloads on Oracle Cloud.”
Now available in all Oracle Cloud commercial regions, Oracle Cloud Guard acts as a log and events aggregator that directly integrates with all major Oracle Cloud Infrastructure services – Compute, Networking, Storage – and automatically implements unique components called targets, detectors, and responders. Targets set the scope of resources to be examined, such as compartments and their descendent structures within Oracle Cloud Infrastructure. Detectors identify issues with resources or user actions and alert when an issue is found, such as a TOR login or public bucket. Responders provide notifications and corrective actions to security problems by automatically stopping the instance, suspending the user, or disabling the bucket. As a result, Oracle Cloud Guard provides security administrators the cloud detect-and-response framework needed to lower the mean time to respond to security misconfigurations and scale out security operations centers.
Oracle Maximum Security Zones extends IaaS access management to restrict insecure actions or configurations using a new policy definition that applies to designated cloud compartments. This new Oracle Cloud Infrastructure service helps ensure resources are secure from inception by enforcing rigorous security best practices for highly sensitive workloads. Oracle Maximum Security Zones includes policies for several core Oracle Cloud Infrastructure Services, including Object Storage, Networking, Encryption, DBaaS, and File Storage.
These new services work in tandem to further Oracle’s second-generation public cloud, which is built with security as a critical foundation. Oracle Cloud is distinguished for bedrock design primitives, including high customer isolation, clean host hardware, default encryption, no downtime patching, and sophisticated data protection.
“As workloads transition to the cloud, organizations are looking for a supplier where security technology is designed-in throughout the complete hardware/software stack,” said Jay Bretzmann, program director, IDC cybersecurity research. “Oracle’s new cloud security services will help automate and simplify the management of increasingly critical applications with painfully stringent security and compliance requirements that, until lately, few imagined would ever migrate off premises.”