30 Minutes Presentation for Oracle Cloud Days Security: Now a Reason to Move to the Cloud IT professionals say their top concerns for adopting cloud are related to security: security of the cloud platform itself, the ability to secure applications deployed in the cloud, and complying with data privacy laws. As organizations transition from on premises to the cloud, they are additionally challenged with maintaining a consistent security posture. Join this session to hear how a hybrid cloud approach can provide better security, and how Oracle aligns people, process, and technology to provide integrated defense in depth at every layer of the computing stack, including SaaS, PaaS and IaaS. You will also hear how customers are taking advantage of Oracle’s Cloud Security Services in order to protect their users and drive digital transformations more securely and quickly.
Resources for background: Streamed recording of webcast: https://oracle.webex.com/oracle/ldr.php?RCID=51ce30ba0866cec39162952affbb798c Download recording of webcast: https://oracle.webex.com/oracle/lsr.php?RCID=a074498abed4a12bae926d394f2686ba Script in Word Doc format: https://stbeehive.oracle.com/content/dav/st/AllSecurityContent/Documents/FY17/Cloud%20Days/Security-Cloud-Days-Script.doc Whitepaper: Oracle Infrastructure and Platform Cloud Services Security – https://cloud.oracle.com/_downloads/WhitePaper_Compute_Security/Oracle_Cloud_Security_Whitepaper.pdf Whitepaper: Oracle Cloud Hosting and Delivery Policies http://www.oracle.com/us/corporate/contracts/ocloud-hosting-delivery-policies-3089853.pdf
This Safe Harbor statement has been modified to include the last sentence.
... Z zadaniem wykonania prezentacji ...
... Bezpieczeństwo to tematyka bardzo szczególna, zagadnienie może zostać poruszone praktycznie na kazdym poziomie...
...mówimy o systemach infomratycznych, które historię swą rozpoczynają w czasach systemów otwartych ... Podatnści dorabiają się swjogo logo, rozwinął się rynek handlu informacjami skradzionymi Podatnosci ktore tkwia na poziomie fundamentow przez 9 lat i pozwalaja na eskalację ...
...a jednak wkraczamy w epoke tzw. „systemów chmurowych” kreowanych jako serwisy Czy to oznacza, że nie powinniśmy brać pod uwagę takiego podejścia ? Jeśli decydujemy się na na korzystanie z chmury to na pewno zaczniemy porownywac, dociekac i doszukiwac sie szczegółów na ten temat
Oracle proponuje rozwiązanie chmurowe w sakli swiatowej W tym momencie dostepnej w wielu wielu krajach Chmura dla Oracle jest bardzo ważna, nie da się zaprzeczyć
Model wspólnej odpowiedzialności Inny w zależności od typu i poziomu serwisu Odpowiedzialny za warstwe fizyczna, infrastrukturę, sieć i wirtualizację
You will be sharing the security responsibilities with the cloud provider and mutual trust is required. Cloud vendors need to maintain close relationships with their customers in order to counter these threats. We need to have an understanding of who is responsible for what security controls. When you look at Infrastructure as a Service, the Cloud Service Provider owns the security of the physical datacenter They own infrastructure, network, and virtualization security of this layer as well. This is our responsibility. The customer maintains their own OS, application, and data layers and service configurations– however they see fit. As you move to the right: platform and software as a service, the cloud vendor takes on more responsibility. [Transition] All of this is to work together to protect our most important asset: Data
Unfortunately, not all vendors provide that visibility into the security of their cloud You should be able to Trust AND Verify data security capabilities of your cloud vendor This means transparency into how they secure their environment, with understanding of what portion you are responsible for This means visibility into security audits from a trusted third party. Without transparency we cannot verify, without verification we cannot trust Unfortunately, most orgs do not have assurances that their public cloud providers are doing enough to protect their data. 58% percent of respondents cannot get assurances, or do not know, whether their cloud providers are accessing their data. Only 38% could say that their providers will notify them of any security breaches. Worse yet, only one in four say they have received assurances that their data will be expunged after the contract with the provider ends. Cloud Security requires Trust AND Verify This means you should have periodic testing performed by a mutually-agreed upon security auditor This means you should be able to request a description of security practices and security assurance practices.
Oracle’s Cloud is designed to be secure at every layer, from physical data center security, to network, to hardware, chip and OS, to storage/disk/database, to platform, to t he application layer. Oracle follows guiding principles that begin with secure products. That means how we code our software is secure. We then securely architect those products across both hardware and software to make sure they are integrated and work together We securely deploy our solutions. For example, we use gold-standards when deploying databases. We deploy security tools to protect the environment We then securely maintain this technology over time and make sure things like configurations don’t drift, patches are deployed appropriately, and more. All of this optionally and independently verified by a third party, for your benefit, to let you know we are doing what we said we would do. Customers may request a copy of the current published 3rd party audit report available for a particular Oracle Cloud service. We distribute over hundred such reports each month Finally, Oracle is investing in a broad set of security capabilities beyond the basic industry-standard cloud security components With a major focus across the full technology stack, technology, process, and people to deliver the most comprehensive cloud security
Oracle’s Cloud is designed to be secure at every layer For Technology – We push security down the stack and include layers of defense across IaaS, PaaS, and SaaS For Process – We employ stringent security policies and controls across people, technology and physical datacenters For People – We hire the best cybersecurity talent and train them on Oracle’s leading Security Software Assurance (OSSA) For Physical – We make sure we have the most secure datacenters with multiple layers of physical defense to let authorized people in and keep unauthorized people out And all of this should be made transparent to you, the user. So let me drill into each of these four areas and show you how we secure the Oracle Cloud Then I want to share with you our upcoming Security Cloud Services that reside in this secure environment.
Each of our cloud services gain the benefits of a secure Oracle Cloud This all to enable you to implement faster and more secure digital transformations Look, security isn’t here to be a roadblock. It’s an enabler to get you to the cloud so that you can take advantage of all of our cloud services They provide our customers with the ability to Manage hybrid identities Gain visibility into how your users are accessing cloud resources Monitor and analyze the potential threats so that you can respond better Develop more secure applications and deploy them Secure your sensitive data and prevent unauthorized access Let me talk about each one of these new cloud services individually
Introducing Oracle’s Cloud-Native Multi-tenant platform on the Oracle Cloud
Manage Users Sync identities, SSO, Federation Manage Applications Integrate using open standards Manage Policies Protect Applications using strong access control policies
IDCS is about: Hybrid Cloud Open and Standards Based Secure (Layered defence)
Discover Continuous visibility into cloud risk for sanctioned and unsanctioned SaaS, PaaS, and custom apps on IaaS Shadow IT Risk Assessment Indicators of Compromise
Secure Automated controls for users, data, content, apps, settings, and infrastructure with actionable intelligence Data Compliance Security Controls Provisioning Actionable Threat Intelligence
Monitor Continuous monitoring of user activity and security configurations identifying threats and compliance risks Activities Configuration Transactions Content Policies
Respond Automated incident management and remediation through native features as well as integration with existing solutions Automated Incident Response Integration with IT Service Management Systems
Security Monitoring & Analytics Cloud Service: Detect, Prevent and Respond Faster Key Takeaways: Ability to detect, prevent new threats Ability to respond faster with more context Increased efficiencies of Security event analysis Anomaly based event detection for highlighting steal based and slow moving attacks
Your organizations are building applications for consumption by your customers and employees And you require application programming interfaces, or APIs in order to integrate your applications with others application services. Unfortunately, APIs can often be developed with vulnerabilities that can be abused by cyber criminals You often have no idea who is using your APIs, or better yet, how they are using them. APIs can be used by unintended people or applications. In fact one type of threat vector that cyber criminals use are bots, or zombies that take over APIs, putting your applications, and customers at risk. Oracle API Platform Cloud Service helps mitigate this risk by providing visibility into how your APIs are being used and by whom. You get the ability to apply security policies across your set of APIs that include authentication, IP filtering, and key validation, just to name a few. API Platform Cloud Service is also integrated with our Identity Cloud Service for easier management of APIs with you user identities.
Compliance Cloud Service: Ensure Security Best Practices Across All Environments -Establish base-line security standards across the organization and into the cloud -Look for deviations in these standards for version controls, patches and risk vectors -Daily reports keep the organization up to date with the information needed to ensure compliance and regulatory milestones are met and maintained and that deviations are recognized and dealt with accordingly
The last solution I want to talk about is a hybrid cloud approach to protecting data It begins with capabilities like sensitive data discovery and privilege analysis that allow you to evaluate your overall security posture. Then you need to prevent access to this sensitive data with encryption and datamasking, Maintain best practices that includes separation of duties and least privilege, so that you are not giving your privileged users more access than required to do their jobs. Then you get technologies for detecting suspicious behavior so that you can respond and block things like SQL injection attacks. Each of these capabilities (Evaulate, Prevent and Detect) should then be maintained across both you on premises and cloud environments. These layers of defensive technologies that we use in the Oracle cloud are made available for you in your on premises environments This helps you maintain a consistent security posture and security policies, no matter where you maintain your systems and data.
IT professionals say their top concerns for adopting cloud are related to security But we think security is actually a reason now to move to the cloud As organizations transition from on premises to the cloud, trust is paramount in choosing your cloud partner Oracle delivers a Secure Cloud with Security Services to help protect your organization. Comprehensive security for the cloud across technology, people, process and physical data centers Oracle follows guiding principles that begin with secure products, securely architect, securely deployed and maintained That includes built in security controls at every layer Consistent across hybrid deployments All with the objective to provide you with governance, visibility and transparency into the ingredients to our secure cloud recipe.
Learn more about Oracle Cloud Security and how we can help you [IF THERE IS A SECURITY CLOUD BREAKOUT] Join us this evening at our Security Cloud Services event at 4:40 pm [GET ROOM NUMBER] We will provide a deeper dive into our new Security Cloud Services including the recently introduced Identity Cloud Service Request a Security Assessment with your local sales team Learn more at Oracle.com/security Thank you!
Security Breakout Evite Toronto Evite Security Evite Boston Evite Security Evite Chicago Evite Security Evite Dallas Evite Security Evite Calgary Evite Security Evite Atlanta Evite Security Evite
Bezpieczeństwo: Kolejny powód, dla którego warto przenieść się do chmury - Radoslaw Kut, Oracle Database Expert, Oracle Polska