Oracle Cloud security best practices are still emerging and there was no Security Posture model already accepted by the market. Defining the criteria for what would be a secured Oracle Cloud environment required research, collaboration and an iterative approach. Oracle Cloud is a public cloud infrastructure with services and components similar to those in other public infrastructures, so we had a good starting point. We leveraged our experience implementing security posture management in other public clouds and adopted those best practices to Oracle Cloud. We were equally inspired by policies developed by the Centre for Internet Security (CIS) for AWS, Azure and GCP to define similar sets of best practices for this platform. Lastly, we had great support from our customer base, helping us fine tune the implementation even further.
The result of this effort is a set of security best practices that include general configuration and settings needed to keep your environment safe.
Oracle Cloud Security Is Business Critical
The migration of Oracle E-Business Suite (Oracle EBS) environments from on-site deployments to the Oracle Cloud infrastructure have been growing in popularity. Oracle, the driving force behind it, has been promoting this option based on the promise of significant improvements in business agility and operational excellence. In this deployment model, the Oracle EBS set of components are deployed on top of Oracle Cloud services, in a single region or multiple regions and take advantage of many of the Oracle Cloud components, such as Virtual Machines, load balancers, WAFs, databases, storage and more.
Organizations have been challenged with coming up with security, risk and compliance strategies to provide continuous monitoring that ensures the platform meets the corporate security standards used in other hosting environments.
With the new CloudSploit support for Oracle Cloud the customer gains visibility and continuous monitoring of their Cloud Security posture across all their clouds with a single solution that they already use and trust.
CloudSploit’s Features For Oracle Cloud Security:
Comprehensive Policies Coverage
63 new plug-ins for numerous OCI services, including: Compute, Database, File Storage, Clock Storage, Audit, Identity, Networking, and Object Store. As with our existing support for other public cloud platforms, Aqua Security will introduce new plug-ins and updates for existing ones as more OCI services are released.
Coverage For All Regions And Zones
CloudSploit for OCI scans the OCI services in all 12 currently available OCI regions. Aqua Security will extend CloudSploit’s support for new OCI regions as they become available.
Remediation Assistance
The scan reports include recommended remediation information and links to official Oracle documentation.
Compliance Auditing
Compliance support now includes a mapping of CloudSploit’s library of OCI plug-ins to PCI-DSS, HIPAA and GDPR requirements, to provide individual, actionable policy checks to help detect compliance violations across your OCI accounts. Customers can also create their own custom compliance programs and map any internal corporate controls to CloudSploit’s plug-ins library.