Two new services will help customers to secure their Oracle Cloud environment.
Oracle announced the general availability of two cloud security tools that are designed to help reduce the risk of data breaches caused by human error.
The new services, Oracle Cloud Guard and Maximum Security Zones, are meant to help make cloud security management easier. Both tools further the company’s goal of automating many of its cloud capabilities.
Oracle Cloud Guard is a cloud security posture management dashboard that’s built directly into the Oracle Cloud console. It acts as a log and events aggregator for all of Oracle Cloud’s main infrastructure services, including compute, networking and storage. The tool also monitors configurations and activities continuously to identify any threats.
Oracle Cloud Guard can also be used by customers to assess the overall security of the Oracle Software-as-a-Service (SaaS) and cloud database services they already use. Should the program find anything suspicious, it will attempt to remediate the threat automatically.
Oracle Maximum Security Zones is designed to safeguard customer’s data using pre-configured security policies. These policies cannot be changed under any circumstances. This inflexibility makes the program “goof proof”, preventing security breaches arising from cloud configuration errors caused by humans. The service currently provides very strict configurations, however Oracle plans to offer less stringent Security Zones in future releases.
According to Oracle, the tool includes policies for several core Oracle Cloud Infrastructure Services, including Object Storage, Networking, Encryption, DBaaS and File Storage.
Oracle cites research from Gartner Inc. showing that increased use of the public cloud by enterprises has resulted in “blind spots” attributable to human error. These blind spots have contributed to more than 200 data breaches over the past exposing more than 30 billion records over the past 2 years alone. Gartner says many of these breaches are avoidable and they forecast that through 2025, about 99% of all cloud security failures will be the customer’s fault.
“As workloads transition to the cloud, organizations are looking for a supplier where security technology is designed-in throughout the complete hardware/software stack,” said Jay Bretzmann, program director for International Data Corp.’s cybersecurity research. “Oracle’s new cloud security services will help automate and simplify the management of increasingly critical applications with painfully stringent security and compliance requirements that, until lately, few imagined would ever migrate off-premises.”