Oracle beefs up cloud security with new features
With the increasing adoption of the cloud in the Middle East, securing and keeping data safe on the cloud has become a daunting challenge for IT leaders. Oracle says it is addressing challenges around data protection, visibility, and control with its next-generation cloud infrastructure. The enterprise software behemoth is setting up new cloud data centres in the UAE and Saudi Arabia based on its Gen 2 cloud infrastructure, which is specifically architected to offer best-in-class security to users.
“The promise of the cloud is irrefutable, but at the same time, threats are also real as we become more connected. We need to think of security more holistically while choosing a path to the cloud,” said Steve Daheb, senior VP of Oracle Cloud, addressing media on the sidelines of Oracle Openworld event. “It is about protecting everything from users, applications, data, infrastructure to physical security as well. The attack surface is getting larger, and it is becoming difficult to defend against bad actors who are leveraging emerging technologies to wage a sophisticated war against us.
“We are weaving AL, ML, and autonomous technologies into our security offerings. For instance, we have the world’s only self-patching, self-securing database. We have integrated ML into security so that we can not only monitor but also respond and mitigate breaches. We can understand what an anomalous behaviour is and proactively defend against it. We have a fundamentally different philosophical approach to security.”
Daheb blamed some of the much-publicised data breaches on unpatched databases and unencrypted data. “Breaches such as Equifax and Capital One would not have happened on Oracle. In 70 percent of the cases where breaches occurred, it was internal, and in 85 percent cases, there were patches available. There are 3.1 million cybersecurity jobs available in the US alone, and we can’t find enough people to throw at it. We have implemented an architected-in security approach that protects the data itself.”
Wim Coekaerts, senior VP of Operating Systems and Virtualisation Engineering at Oracle, said that one of the advantages of cloud providers is security at scale. “Not every company can afford security specialists. As cloud vendors, we have to be secure because if we have a breach, we lose customer confidence in us. We can hire a lot of security professionals, and we can do this at scale, which is too expensive for individual companies.”
He went on to add that Oracle is pursuing a very aggressive cloud strategy. “We are going to up a new cloud region every 23 days over the next 12-18 months, and we can’t do that without automation. It is all about autonomous tech – we started with the autonomous database, Linux, and now we are introducing other services where automation comes into play.”
Coekaerts said one of the biggest differentiators for Oracle is its ability to do patching without any downtime. “We have technology that allows us to patch OS and database online without bringing down apps. We can patch Linux kernel in a matter of micro-seconds. And when Spectre and Meltdown broke out, every cloud vendor had to reboot their clouds, and it took them months to circulate the patch. We applied 120 million patches in four hours across our whole cloud, and nobody knew.”
To bolster cloud security, Oracle has also recently introduced Cloud Guard, which centralises the protection of customers’ cloud assets and automates the whole process of threat detection and remediation without human intervention.