Upload
dr-wilfred-lin-phd
View
75
Download
0
Embed Size (px)
Citation preview
Security: Now a Reason to Move to the Cloud
Eva Chang Senior Sales Consultant Oracle Systems Hong Kong Limited 26 October 2016
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 2
Trust is Paramount in Choosing a Cloud Partner
Your customers place tremendous trust in
your organization
Today, 92% of executives say their customers are willing to share personal information
58% cannot get assurances, or don’t know, if cloud providers
are looking at their data
2016 Economics of Digital Identity, The Economist Intelligence Unit
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Physical
Infrastructure
Network
Virtualization
OS
Apps
Data
Service config
Oracle Public 3
Mutual Responsibility with Shared Security Model
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
SaaS PaaS IaaS
Physical
Infrastructure
Network
Virtualization
OS
Apps
Data
Service config
Physical
Infrastructure
Network
Virtualization
OS
Apps
Data
Service config
Mutual trust is required
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 4
Data is Still the Most Important Asset
Data is an asset
If stolen, a liability
1 out of 3 organizations expect a cloud data breach
Average cost of a data breach continues to rise
2016 IOUG Cloud Security Report; Ponemon Cost of a Data Breach, 2016
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 5
Without transparency we cannot verify,
without verification, we cannot trust
Only 38% say cloud provider will notify in the event of a breach
Only 1 in 4 have assurance that data will be expunged after
cloud provider contract ends
Cloud Security Requires Trust AND Verify
2016 IOUG Cloud Security Report
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Security: The Cloud Enabler
48%
Oracle Public
of organizations already believe moving from traditional on-premises to a public cloud could provide better security overall
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 7
Securely Architected
Secure Products
Securely Maintained
Securely Deployed
Oracle Cloud Security Guiding Principles
Independently Verified
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Physical access controls secure access to data by Oracle employees and customers
Technology
Push security down the stack and include layers of defense across IaaS, PaaS, and SaaS
Process
Employ stringent security policies and controls across people, technology and physical datacenters
People
Hire the best cybersecurity talent and train them on Oracle Security Software Assurance (OSSA)
Oracle Public 8
Oracle Cloud Security Overview
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Physical
Physical
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | 9
Technology
• Security Cloud Services for identity, development, analytics, compliance and data protection
• Secure layers of defense across SaaS, PaaS, and IaaS
• Encryption, redaction and masking of data in prod and nonprod
• Privileged user controls on both Oracle and customer administrators
• And more…
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
SaaS PaaS IaaS
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | 10
Process
• Oracle Software Security Assurance
• Secure development: Secure Coding Standards
• Vulnerability handling
• Static Code Analysis
• Threat modeling
• Define and drive open standards: SCIM, Oauth, Oasis KMIP, etc.
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
People
Technology
Physical
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | 11
People
• 1600+ cloud operations professionals
• Developers trained on Oracle’s Secure Coding Standards
• 1,700 security Point of Contacts for tactical implementation of OSSA
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | 12
Physical
• 19 Tier IV enterprise grade datacenters worldwide
• Multiple physical layers of defense including access controls
• Access cards, biometrics, man-traps, secure zones
• Surveillance and alerts for physical entry and disaster recovery/HA
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 13
Visibility Governance Transparency
Overall Cloud Security Objectives
Comprehensive
Enterprise-wide
3rd Party audit reports
Over 100 reports
Per month
Security incidents
Auditing procedures
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 14
Security Cloud Services: Enabling Faster and More Secure Cloud Adoption
Identity Cloud Service
Compliance Cloud Service
Security Monitoring & Analytics Cloud Service
Hybrid Data Security Protection: Database Security
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
API Platform Cloud Service
More to come
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 15
Identity Cloud Service
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Hybrid Identity Manage user identities for both cloud and on-premises applications with enterprise-grade hybrid deployments
Open and Standards-based Rapidly integrate cloud and on-premises applications using a 100% open and standards-based solution
Secure Defense In-depth Gain layers of defense with identity hosted as an Oracle Public Cloud (OPC) service and integrated with enterprise security capabilities
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 16
API Platform Cloud Service
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Agility Innovate quickly to increase efficiency and bump up your bottom line
Visibility Have a clear view of your APIs and their performance
Security Ensure the most up-to-date security policies are in place
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 17
Security Monitoring and Analytics Cloud Service
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Comprehensive Detection Any log, any intelligence feed, any metric, any location (on-premises or cloud)
Rapid Investigation Intuitive visualization of threats and early warning signs
Intelligent Remediation Powerful auto-remediation framework for any IT stack
Faster Time to Value Next-gen cloud service with SOC ready content
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 18
Compliance Cloud Service
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Standards Based Execute industry standard compliance benchmarks at cloud scale
Application & Cloud Aware Assess compliance against infrastructure and applications stacks, on-premises or in the cloud
Efficient & Actionable Quickly determine your enterprise compliance posture and remediate violations
Extensible Execute custom scripts and enforce your organization’s standards
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 19
Database Cloud Service
Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Evaluate Assess overall database environment including sensitive data, privileges, and configurations
Prevent Mitigate unauthorized access to data using encryption, masking and privileged users controls
Detect Monitor and respond to anomalous behavior
Built in
security controls
at every layer
Comprehensive
security for
the cloud
Community
that benefits
from the whole
Secure Cloud Security Services
CLOUD
Consistent
across hybrid
deployments