Oracle bakes security into its DNA

Similar documents
On the Radar: Positive Technologies protects against SS7 network vulnerabilities

On the Radar: IBM Resilient applies incident response orchestration to GDPR data breaches

On the Radar: Kenna Security protects enterprises against data breaches

B2B Takes Center Stage at Huawei s Ultra-Broadband Forum

Veeam demonstrates its ambitions and capabilities

On the Radar: Condusiv Technologies

Case Study: Delivering Oracle Applications and Infrastructure in the Cloud

Effective Vulnerability Risk Management

Neustar forms partnership with Limelight for turbocharged DDoS mitigation

On the Radar: Ziften enables continuous endpoint monitoring

On the Radar: Peplink

On the Radar: Comodo protects endpoints by using containment with local and cloud-based inspection

On the Radar: Cloudmark Trident addresses spear phishing

On the Radar: Carbon Black defends against malware and fileless

DataStax stays the open core course as it reconnects with the Apache Cassandra community

On the Radar: IronScales offers anti-phishing defense suite

Optical network futures Taking the carrier pulse

On the Radar: Prevoty provides a runtime application security platform for the enterprise

DataStax Enterprise 6 extends Apache Cassandra

The Oracle Trust Fabric Securing the Cloud Journey

Optical Networks Booming in India

Modern Database Architectures Demand Modern Data Security Measures

The strengthening case for fixed wireless broadband

Evolve Your Security Operations Strategy To Account For Cloud

On the Radar: NuDetect uses behavioral biometrics to detect security violations and verify trusted users

Business-Driven Security: An Essential Approach to Enterprise Protection and Compliance

Securing Your Digital Transformation

Best Practices in Securing a Multicloud World

Mastering The Endpoint

NEXT GENERATION SECURITY OPERATIONS CENTER

Build Your Zero Trust Security Strategy With Microsegmentation

Victorian Government Cloud adoption study

Vulnerability Management Trends In APAC

Cisco Start. IT solutions designed to propel your business

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

Secure & Unified Identity

2018 Trends in Hosting & Cloud Managed Services

2017 Trends in Datacenter and Critical Infrastructure

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Network Visibility and Segmentation

Driving Business Outcomes: Cisco Data Center Innovation and Solutions

Cisco Cloud Application Centric Infrastructure

Smart Data Center From Hitachi Vantara: Transform to an Agile, Learning Data Center

Fast IT - Policy Driven Infrastructure for the Intercloud World

Cognizant Cloud Security Solution

locuz.com SOC Services

Web Data Integration: A new source of competitive advantage

Unlock The Value Of Cloud: A Spotlight On IT Executives

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

A CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management

Building a Resilient Cloud Network with SD-WAN

Oracle Buys Palerra Extends Oracle Identity Cloud Service with Innovative Cloud Access Security Broker

Unlock The Value Of Cloud

SIEMLESS THREAT DETECTION FOR AWS

Rethink Enterprise Endpoint Security In The Cloud Computing Era

HOW ADVANCED ANALYTICS DIFFERENTIATES CSP SD-WAN SOLUTIONS

Operationalize Security To Secure Your Data Perimeter

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

HP Fortify Software Security Center

Closing the Hybrid Cloud Security Gap with Cavirin

Security Readiness Assessment

VMware Cloud Operations Management Technology Consulting Services

Why Enterprises Need to Optimize Their Data Centers

Hitachi Enterprise Cloud Family of Solutions

A Data-Centric Approach to Endpoint Security

Enabling Hybrid Cloud Transformation

Martijn Loderus. Merritt Maxim. Principal Analyst Forrester. Director & Global Practice Partner for Advisory Consulting Janrain

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments

Trends to Watch: Managed Security Services. Providers invest in automation, tools, and skills as enterprises struggle with new regulations

GDPR: An Opportunity to Transform Your Security Operations

Run the business. Not the risks.

ORACLE SERVICES FOR APPLICATION MIGRATIONS TO ORACLE HARDWARE INFRASTRUCTURES

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

Five Essential Capabilities for Airtight Cloud Security

Securing Your Most Sensitive Data

Multicloud is the New Normal Cloud enables Digital Transformation (DX), but more clouds bring more challenges

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

The Why, What, and How of Cisco Tetration

THE FUTURE IS HYBRID. Patrick Harr. Global Vice President, Cloud Strategy and Solutions Hewlett-Packard Company

Cybersecurity. Securely enabling transformation and change

A Global Look at IT Audit Best Practices

Why Converged Infrastructure?

Deliver Data Protection Services that Boost Revenues and Margins

HPE IT Operations Management (ITOM) Thought Leadership Series

Healthcare IT Modernization and the Adoption of Hybrid Cloud

Optimizing Infrastructure Management with Predictive Analytics: The Red Hat Insights Approach

The Etihad Journey to a Secure Cloud

Moving Workloads to the Public Cloud? Don t Forget About Security.

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

ForeScout ControlFabric TM Architecture

Oracle Retail Cloud Services and Business Agility

MODERNIZE INFRASTRUCTURE

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

DELIVERING SIMPLIFIED CYBER SECURITY JOURNEYS

Hybrid Cloud Management: Transforming hybrid cloud delivery

SIEM Solutions from McAfee

Services solutions for Managed Service Providers (MSPs)

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Solution Overview Cisco Tetration Analytics and AlgoSec: Business Application Connectivity Visibility, Policy Enforcement, and Business-Based Risk and

Transcription:

Publication Date: 16 Nov 2018 Product code: INT003-000287 Maxine Holt

Ovum view Summary At the inaugural Oracle Security Summit held at the company s stunning Santa Clara campus in September 2018, analysts heard how the myriad security products and services offered by the software and services monolith are further being enmeshed in the overall cloud portfolio and refocused on promoting business outcomes. This is welcome news for enterprises, service providers, and partners, all of which are looking to consolidate their security products and settle on fewer platforms to run these products. Without doubt, Oracle s focus on the cloud is benefiting customers that want to reduce reliance on their own data centers. Interestingly, the vast majority of Oracle cloud customers are new to the company, with many of the organizations currently using its traditional on-premises software yet to begin or complete their journey to the cloud, a huge potential market for Oracle s cloud platform. This is backed up by Ovum s ICT Enterprise Insights for 2018 19, which found that the adoption of cloud services is a priority for fewer than 10% of surveyed organizations. Oracle s messaging has been adjusted to recognize that nearly every organization has a heterogenous IT environment, combining on-premises, multicloud, public cloud, private cloud, and hybrid cloud: the real world. As explained by Eric Olden (senior vice president and GM security and identity, IDM Enterprise), this messaging is backed up by a layered approach to security: the Trust Fabric and complemented by a strong focus on security as part of Oracle s DNA. Security in and of the cloud Increasing automation is evident across the enterprise and service provider IT landscape, where it is used to improve services and augment roles performed by humans. Oracle is no stranger to automation across its cloud platform and services, and this is working its way into security. Oracle has recognized not only the importance of security (a basic requirement) but also that security can be used as a competitive differentiator when ingrained into products, services, and culture. Security can be offered as products and services, and can also be baked into existing products and services. Placing bets on increasing volumes of customers (new and existing) availing themselves of its cloud platform, Oracle picks up on two angles of security: security OF and IN the cloud (see Figure 1). Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 2

Figure 1: Oracle Security OF and IN the cloud Source: Oracle Security of the cloud (baking security into its products and services) incorporates physical isolation on the server, a high-security network, and governance and audit. Security in the cloud (security-focused products and services) incorporates identity and access management (IAM), continuous policy management, behavior-based threat detection, and threat remediation. People, process, and technology are central to the autonomous services built on Oracle s cloud platform. Taking inputs from data, applications, users, devices, and systems, these autonomous services aim to reduce the mean time to detection and resolution for security incidents and breaches. Investments have been made into security analytics, identity management, database security, infrastructure security (incorporating the acquired internet performance management capabilities from Dyn), and cloud security, providing visibility and control over multicloud environments including software-as-a-service (SaaS), platform-as-a-service (PaaS), and infrastructure-as-a-service (IaaS). The intention is for Oracle customers to benefit through reduced operational costs alongside improved productivity and better risk mitigation. Trust is an essential component of cloud platforms The cyberthreat landscape is evolving and morphing at an incredibly fast rate. Couple this with the enterprise digital transformation journey that inevitably exposes new threat vectors, and enterprises are faced with risks that are complex to assess and threats that are difficult to prevent, detect, and respond to. Enterprises are increasingly recognizing that the security of cloud platforms is generally superior to what can be delivered in-house, but the additional attack vectors are increasing the identified risks and these risks must be mitigated in line with the organization s risk posture. Although the journey to the cloud, and especially multiclouds, is still in the early stages for many organizations, more is expected of the cloud today than ever before. Security must be built in from the outset, rather than bolted on as an added extra. To address this, Oracle has developed its Trust Fabric as part of security in and of the cloud. According to Olden, the Trust Fabric aims to create secure, trusted, agile, and compliant enterprise computing built for the cloud, and incorporates a layered security model (see Figure 2). Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 3

Figure 2: Oracle Trust Fabric layered security model Source: Oracle A layered approach to security is widely recognized as the only way for organizations to achieve a reasonably comprehensive security posture. The level of comprehensiveness will depend on the number and quality of layers of security. In the Oracle Trust Fabric, these layers are designed to help organizations understand the comprehensive approach as well as support compliance expectations. The Trust Fabric is managed via a virtual security operations center (SOC) focused on autonomous detection of security threats and response to security incidents and breaches. Furthermore, the Trust Fabric is designed to deliver unified security across an enterprise s entire cloud journey. This requires integration to create a fully integrated security portfolio incorporating security across Oracle apps and services. Security is part of the DNA In one of the sessions, analysts heard from two individuals with various responsibilities for security at Oracle, including Oracle s own security for the cloud platform. This is where we saw evidence of security being baked into the DNA of the organization, with a security-positive culture at the core. Yes, Oracle products are used extensively, but the technology is supplemented by strong processes and a swathe of people who are well-versed in security best practice. Security governance drives the overall ethos, and risk and compliance come into play extensively. This security DNA is certainly reflected in the overall messaging from Oracle, particularly across its cloud portfolio. Helping enterprises on their cloud journey, and recognizing that a heterogeneous environment (multicloud and on-premises) is the norm, has positioned Oracle well in pursuing business outcomes with its customers. Going forward, Oracle can develop its business-outcomes discussions with customers to include total cost of ownership (TCO). It can tap into the significant market of existing on-premises customers yet to begin or develop their journey to the cloud, highlighting the cost benefits of taking (for example) cloud security services. Although this has the potential increase Oracle s revenues from an individual customer, it can also reduce the overall TCO for the customer, a conversation that most organizations will welcome, at least once they ve decided to start their journey to the cloud. Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 4

Appendix Further reading Autonomous becomes Oracle watchword in cloud ENS002-000028 (May 2018) Oracle s autonomous cloud portfolio drives greater developer productivity and operational efficiency INT003-000091 (March 2018) "Oracle s PaaS delivery of blockchain is a smart move" INT003-000060 (February 2018) Oracle s approach to the cloud is clearly differentiated INT003-000037 (January 2018) Author Maxine Holt, Research Director maxine.holt@ovum.com Ovum Consulting We hope that this analysis will help you make informed and imaginative business decisions. If you have further requirements, Ovum s consulting team may be able to help you. For more information about Ovum s consulting capabilities, please contact us directly at consulting@ovum.com. Copyright notice and disclaimer The contents of this product are protected by international copyright laws, database rights and other intellectual property rights. The owner of these rights is Informa Telecoms and Media Limited, our affiliates or other third party licensors. All product and company names and logos contained within or appearing on this product are the trademarks, service marks or trading names of their respective owners, including Informa Telecoms and Media Limited. This product may not be copied, reproduced, distributed or transmitted in any form or by any means without the prior permission of Informa Telecoms and Media Limited. Whilst reasonable efforts have been made to ensure that the information and content of this product was correct as at the date of first publication, neither Informa Telecoms and Media Limited nor any person engaged or employed by Informa Telecoms and Media Limited accepts any liability for any errors, omissions or other inaccuracies. Readers should independently verify any facts and figures as no liability can be accepted in this regard readers assume full responsibility and risk accordingly for their use of such information and content. Any views and/or opinions expressed in this product by individual authors or contributors are their personal views and/or opinions and do not necessarily reflect the views and/or opinions of Informa Telecoms and Media Limited. Ovum. All rights reserved. Unauthorized reproduction prohibited. Page 5

CONTACT US ovum.informa.com askananalyst@ovum.com INTERNATIONAL OFFICES Beijing Dubai Hong Kong Hyderabad Johannesburg London Melbourne New York San Francisco Sao Paulo Tokyo

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback