Oracle has announced the availability of Oracle Cloud Guard and Oracle Maximum Security Zones. With Oracle Maximum Security Zones, Oracle can activate security policy enforcement of best practices automatically from day one so customers can prevent misconfiguration errors and deploy workloads securely.
For day-to-day operations, Oracle Cloud Guard continuously monitors configurations and activities to identify threats and automatically acts to remediate them across all Oracle Cloud global regions. With these capabilities, Oracle is the only cloud service provider to offer a cloud security posture management dashboard at no additional cost, with numerous pre-built tools that automate response to reduce customer risk quickly and efficiently.
Companies are moving more business-critical workloads to the cloud than ever before. The increase in cloud adoption has created new security “blind spots” that have contributed to more than 200 breaches over the past 2 years, exposing more than 30 billion records. Gartner forecasts that “through 2025, 99% of cloud security failures will be the customer’s fault2.”
Oracle Maximum Security Zones and Oracle Cloud Guard embed enterprise security expertise and best practices into the Oracle public cloud in an autonomous fashion, accelerating customers’ ability to ramp up to their cloud estate securely from inception.
“Security has been a critical design consideration across Oracle Cloud for years. We believe security should be foundational and built in, and customers shouldn’t be forced to make tradeoffs between security and cost,” said Clay Magouyrk, executive vice president, Oracle Cloud Infrastructure. “With Oracle Cloud Guard and Oracle Maximum Security Zones’ security automation and embedded expertise, customers can feel confident running their business-critical workloads on Oracle Cloud.”
Now available in all Oracle Cloud commercial regions, Oracle Cloud Guard acts as a log and events aggregator that directly integrates with all major Oracle Cloud Infrastructure services—Compute, Networking, Storage—and automatically implements unique components called targets, detectors, and responders. Targets set the scope of resources to be examined, such as compartments and their descendent structures within Oracle Cloud Infrastructure. Detectors identify issues with resources or user actions and alert when an issue is found, such as a TOR login or public bucket. Responders provide notifications and corrective actions to security problems by automatically stopping the instance, suspending the user, or disabling the bucket. As a result, Oracle Cloud Guard provides security administrators the cloud detect-and-response framework needed to lower the mean time to respond to security misconfigurations and scale out security operations centers.
Oracle Maximum Security Zones extends IaaS access management to restrict insecure actions or configurations using a new policy definition that applies to designated cloud compartments. This new Oracle Cloud Infrastructure service helps ensure resources are secure from inception by enforcing rigorous security best practices for highly sensitive workloads. Oracle Maximum Security Zones includes policies for several core Oracle Cloud Infrastructure Services, including Object Storage, Networking, Encryption, DBaaS, and File Storage.
These new services work in tandem to further Oracle’s second-generation public cloud, which is built with security as a critical foundation. Oracle Cloud is distinguished for bedrock design primitives, including high customer isolation, clean host hardware, default encryption, no downtime patching, and sophisticated data protection.
More information is available about Oracle Cloud Guard and Oracle Maximum Security Zones.