Oracle has stated that it is the first public cloud provider to launch a security policy enforcement plan incorporating best practices, with Oracle Maximum Security Zones.
Oracle Cloud Guard assesses configurations and general activities to detect potential threats and automatically responds and repairs any faults across all Oracle Cloud global regions.
The rise and transition towards cloud technology have created a number of new security ‘blind spots’. As a result, there has been in excess of 200 security breaches in just the last two years. Recent studies from Gartner have forecasted that by 2025, nearly 100% of cloud security failures will be the fault of the customer. Clay Magouyrk, executive vice president of Oracle Cloud Infrastructure explains that security has a core part of the design plan in Oracle Cloud for many years.
Magouyrk believes that security should be a necessity that is integrated, instead of making customers decide between security or a lower-cost service. Magouyrk explains that Oracle Cloud Guard and Oracle Maximum Security Zones security automation and embedded knowledge means customers can be assured when operating their business workloads on Oracle Cloud.
Oracle Cloud Guard operates as a log and events system that automatically integrates with all major Oracle Cloud Infrastructure services i.e. Compute, Networking and Storage and adds specific, unique elements referred to as targets, detectors and responders.
Oracle Maximum Security Zones goes beyond IaaS access management to block insecure actions or processes by using a new policy tool that is applicable to certain selected cloud tools. Oracle believes the new service will ensure all resources are secure from potential threats by enabling the best available security practices.
Jay Bretzmann of IDC cybersecurity research explains that as workloads move to the cloud, businesses are actively looking for a supplier where security technology is created throughout the entire hardware and software chain. Bretzmann believes the new cloud security services will support the automation and enhance the management of vital applications with strict security and compliance standards, that many believed would not be available off-premise.