copyright © 2015 oracle and/or its affiliates. all rights...

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |

Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

2 Oracle Confidential – Internal


Agenda

1. World Class Scale and Ranking

2. Security

1. People, Processes, and Technologies

3. Customer examples

4. Summary

5. Resources


Security: The Cloud Enabler

48%

Oracle Public

of organizations already believe moving from traditional on-premises to a public cloud could provide better security overall


World Class Scale Oracle Company Statistics

• US $37 Billion total GAAP revenue in FY 2016

• 420,000 customers

• 310,000 Oracle Database customers

• 120,000 Oracle Fusion Middleware customers

• 110,000 Oracle Applications customers

• 6,000 engineered systems customers

• More than 25,000 partners worldwide

• More than 135,000 employees, including:

• 40,000 developers and engineers

• 16,000 support personnel

• 18,000 consulting experts

• More than 3.1 million students supported annually in 110 countries


Oracle Cloud

Oracle has been in the cloud business since 1998 with Oracle On-Demand


World Class Scale Oracle Cloud Growth (YoY%)

Oracle Confidential – Internal/Restricted/Highly Restricted 7

95% 100% 150%

354 398

449 487

706 723 735

913

0

100

200

300

400

500

600

700

800

900

1000

Total Storage (PB)

23209 30656 31570

39818

54011

64275 72611

78386

0

10000

20000

30000

40000

50000

60000

70000

80000

90000

Virtual Machines

15000

20000

25000

30000

35000

40000

45000

50000

55000

60000

Q3

FY1

3

Q4

FY1

3

Q1

FY1

4

Q2

FY1

4

Q3

FY1

4

Q4

FY1

4

Q1

FY1

5

Q2

FY1

5

Q3

FY1

5

Q4

FY1

5

Q1

FY1

6

Q2

FY1

6

Q3

FY1

6

Tenants (End of Quarter)


27M+ Weekly Active Cloud Users

83,000+ VMs in

20+ Global Data Centers

– Carrier Neutral, Enterprise Class

45+ Billion Transactions per Day

Cloud Customers in

190+ Countries 35 Languages

56,000+ Cloud Enterprise Tenants

1,600+ Cloud Operations Professionals

8

1,075+ PB Total Storage Under Mgmt

$5.5 Billion Annual Research and Development Spend

24 x 7 Tier I Support Global IT Operations Team

World Class Scale Oracle Cloud Statistics


Gartner Magic Quadrant Ranking Oracle APaaS Cloud Service • Strong Vision • Seamless Transition to Cloud • Complete Cloud Stack • PaaS for SaaS • Support for Hybrid Cloud


Gartner Magic Quadrant Oracle IPaaS Cloud Service • More than 250 Customers in < 1 Year • First appearance in GMQ and already

ahead of MS, SAP, IBM and 10 others • Oracle rated among highest for support

and overall satisfaction


Oracle PaaS Uptime Calendar – CY Q2/2016

11


Build, deploy, manage and protect enterprise, world-class datacenters and Oracle facilities worldwide

Technology

Deploy and manage industry leading solutions across Oracle cloud

Process

Deploy and enforce stringent processes and controls across cloud and infrastructure operations

People

Hire the best talent and train them on Oracle’s operational, development, and security practices

Oracle Public 12

Oracle – Trust and Operational Excellence Part of Oracle’s DNA

Oracle Public Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |

Physical

Physical


People

• 1600+ cloud operations professionals

• 16,000 support personnel

• 18,000 consulting experts

• 40,000 developers and engineers

• Follow Oracle Secure Coding Standards

• 1,700 security Point of Contacts for tactical implementation of OSSA



Global Nerve Centers & Staffing

• 24 x 7 Tier I Support • Global IT Operations Team


Process

• Oracle Security Oversight Committee

• Chaired by Safra Katz, CEO/CFO

• IT and Cloud Operations

• Oracle Software Security Assurance

• Secure Coding Standards

• Vulnerability handling

• Define and drive open standards:

• SCIM, Oauth, Oasis KMIP, etc.

• IT-ISAC member


People

Technology

Physical

Copyright © 2014 Oracle and/or its affiliates. All rights reserved. | Oracle Public 16

Visibility Governance Transparency

Overall Cloud Security Objectives

Comprehensive

Enterprise-wide

3rd Party audit reports

Over 100 reports

Per month

Security incidents

Auditing procedures


Oracle Public Cloud - Security Oversight and Governance

Oracle Confidential – Internal/Restricted/Highly Restricted 17

CORPORATE SECURITY

BUSINESS AUDIT AND ASSESSMENT

SOFTWARE SECURITY ASSURANCE

IT INDUSTRY INFORMATION SHARING AND ANALYSIS CENTER (IT-ISAC) MEMBER

SECURE DATA CENTERS

CORPORATE SECURITY SOLUTIONS ASSURANCE PROCESS (CSSAP)

Comprehensive Policy, Process, Monitoring and Enforcement!

PLATFORM HARDENING AND CONFIGURATION MONITORING


Part of the Service Subscription

Security and Data Privacy

• 3rd party testing is conducted on every major release of each cloud service

• 3rd party reports provided to customers

• Over hundred distributed each month

• Daily “blackbox” Scanning

18

Vulnerability Assessments


Security Operations : Incident Response

• Dedicated Cloud Security Teams Provide: – Detection

– Mitigation

– Forensics

– Notification

• Incident Response Efforts Coordinated With: – Global Information Security

– Global Product Security

– Privacy & Security Legal


Technology

• Security Cloud Services for identity, development, analytics, compliance and data protection

• Secure layers of defense across SaaS, PaaS, and IaaS

• Encryption, redaction and masking of data in prod and nonprod

• Privileged user controls on both Oracle and customer administrators

• And more…


SaaS PaaS IaaS


Operational Excellence Mission Critical Cloud Computing

• Mission Critical Service Delivery – IT requirements designed in and consumable by customers

• Defense in Depth Cloud Security – Not dependent on a single security tactic or approach

• Full Stack Ownership – Full control of design, performance, and delivery

• Comprehensive Regulatory Compliance Controls – Highest common denominator approach to consistent delivery

Integrated Scalable Secure


Comprehensive Security Controls for the Cloud

Oracle Public

PHYSICAL ACCESS (IT STAFF)

INTRUSION DETECTION

MOBILE SECURITY

Segregation of duties

Data masking

Encryption and redaction

SIEM Network security

Infrastructure Monitoring

Biometric scanner

Video surveillance

Man traps

Access card Security zones

Secure identity

Application management

Content management

CUSTOMER ACCESS AND AUTHENTICATION

LOGICAL ACCESS (IT STAFF)

GOVERNANCE AND AUDITING

Antivirus/anti-spam

Personal firewalls

VPN + 2 factor auth

Desktop encryption

IP Address filtering

IPSec VPN

TLS for HTTP, FTP encrypt

Daily scans Patch and versioning

Access reviews

Daily app code scans

DATA ACCESS OIDC/OAuth SAML

IPSec VPN Site2Site (Corente)


Security Cloud Services: Enabling Faster and More Secure Cloud Adoption

Identity Cloud Service

Compliance Cloud Service

Security Monitoring & Analytics Cloud Service

Hybrid Data Security Protection: Database Security


API Platform Cloud Service

More to come


Identity Cloud Service


Hybrid Identity Manage user identities for both cloud and on-premises applications with enterprise-grade hybrid deployments Open and Standards-based Rapidly integrate cloud and on-premises applications using a 100% open and standards-based solution Secure Defense In-depth Gain layers of defense with identity hosted as an Oracle Public Cloud (OPC) service and integrated with


Physical

• 19 Tier 3+ enterprise grade datacenters worldwide

• Multiple physical layers of defense including access controls

• Access cards, biometrics, man-traps, secure zones

• Surveillance and alerts for physical entry and disaster recovery/HA



Operational Excellence Oracle Cloud Data Centers

Local Data Residency

• 19 “strategic” Oracle Cloud data centers

• Emphasis on Carrier Neutral facilities to achieve best possible peering and participate in local network exchange

• Primary metro regions are multi-vendor campuses with fiber inter-connects

• Contracting usage based model, specifically variable metered power

• State of the Art • 99.999% availability • ISO certified


Cloud Security Alliance – “Treacherous 12” ORACLE CLOUD

SECURITY

Data Breaches

Insufficient Identity, Credential, and Access Management

Insecure Interfaces or APIs

System Vulnerabilities

Account or Service Hijacking

Malicious Insiders

Data Loss

Insufficient Due Diligence

Abuse of Cloud Services

Denial of Service

Advanced Persistent Threats

Shared Technology Vulnerabilities

Confidential – Oracle Public 27


Deployment Options and Security


OPC – Security Deployment Options SaaS

• Data Encryption at Rest • Included for most services offered • Oracle manages keys

• Break Glass • Subscriber has control over who, when, how access to their data is allowed • All such access is audited and reports made available for review • Three entitlement types

• Support Team • DBA • App and Mid-Tier admin

Database Vault Datasheet Security Agenda Benefits

../../Acrobat/Datasheet - Oracle Database Vault.pdf



OPC – Security Deployment Options PaaS-DBCS (Requires High Performance or Extreme Service)

• Database Vault • Protects against insider threat by preventing privileged users [Oracle Cloud Ops DBAs] from accessing your private

applications data using Oracle Database Vault Realms and pre-built Protection Policies. • Helps mitigate risk in addressing regulatory compliance requirements • Database Vault Reports (attempted violations, vault policy reports) • Subscriber controls access for support personnel

• Transparent Data Encryption (TDE) and Data Redaction • Tablespaces are encrypted by default • Subscriber manages the keys • Data Redaction removes sensitive fields at presentation time

• Data Masking Cloud to Cloud • Transform sensitive data for non-production and reporting activities • (On premise to cloud requires on premise license)

• Label Security • Label-based “Mandatory Access Control” solution





OPC – Security Deployment Options IaaS/Compute

• Bring your own license (BYOL) – DBVault, Transparent Data Encryption, etc • Storage Cloud Service – can encrypt data being stored as object using Java library

• If TDE not appropriate, such as using IaaS but not using Oracle database

• Subscriber manages encryption keys





Customer Examples


One Optimized View End to end insight from field to factory.

Shift from manufacturing to digital and IoT. Operating efficiency–200 ERPs down to 40.

Solution Cloud PaaS & Cloud ERP

Digitally Connect Securely ingest machine-grade data at scale and analyzes it to

deliver outcomes–fast

Predictive Maintenance IoT automating and improving processes, logistics


Customer Experience South Australia based organization.

Allow customers to manage medication refills, prescription history, notifications

Solution Mobile Cloud

Scale and Performance Mobile solution to serve +300,000 members

Secure Integration to on-premises applications and other Oracle and non-

Oracle SaaS applications


Mobile Wallet Payment for New Business Venture in 4 months

• Java Cloud Service to quickly deploy “mWallet” payment system for customers across Gulf region

• Delivering mobile and PoS capability to small businesses

• Predicting tripling of market uptake in 12 months • 24x7 availability with multi-DC deployment • 25% better performance in Oracle Cloud than On-

Premise • 50% lower cost of operation in Oracle Cloud than

on-premise

50% less IT budget required for mWallet

project deployment and updates.

3000 Txn/min Based on initial customer uptake, with 300% growth

expected year on year

Live Since Q1FY16

Elbooq


Security is Critical to Oracle’s Cloud Platform

36

Oracle Cloud is Protected by Oracle’s Security Solutions Security in the Foundation

• Data and API Protection

• Account Management

• Single Sign-On

• Access Control

• Audit and Reporting

Software as a Service (SaaS)

Platform as a Service (PaaS)

Infrastructure as a Service (IaaS)

Oracle

Clo

ud

Secu

rity


Built in

security controls

at every layer

Comprehensive

security for

the cloud

Trust and

Operational

Excellence

Integrated Cloud Platform

CLOUD

Consistent

across hybrid

deployments


Resources

• Cloud Security Whitepaper – https://cloud.oracle.com/en_US/compute?lmResID=1385171309534&resolvetemplat

efordevice=true&tabID=1383678920245

• Oracle Software Security Assurance Process – http://www.oracle.com/us/support/assurance/overview/index.html

38

https://cloud.oracle.com/en_US/compute?lmResID=1385171309534&resolvetemplatefordevice=true&tabID=1383678920245

https://cloud.oracle.com/en_US/compute?lmResID=1385171309534&resolvetemplatefordevice=true&tabID=1383678920245

http://www.oracle.com/us/support/assurance/overview/index.html

copyright © 2015 oracle and/or its affiliates. all rights...

Documents