INFORMATION INDEPTH NEWSLETTER
Oracle Cloud Services Edition
Oracle Corp
March 2012 Stay Connected: Mix TwitterFacebookYoutube
Back to the main page
Preventing Fraud in the Cloud: An Identity Management Approach

Since the advent of cloud computing, security concerns have been the single biggest hurdle to adoption. However, as explored in a recent, highly attended on-demand Webcast, Oracle Cloud Services can actually make an organization's data more secure after the move to the cloud.

"Customers often tell me they are able to leapfrog their own level of security when they move to Oracle Cloud Services," says Gail Coury, vice president for risk management, Oracle Cloud Services.

Why? In short, because organizations can leverage Oracle's ongoing investments in both leading-edge identity management and other security technologies, and take advantage of Oracle Cloud Services’ top talent for implementing and managing iron-clad systems.

Cloud and the Increased Role of Identity Management
Since cloud computing does not rely on access via a corporate network, managing users becomes critical to ensuring that access is granted only to authorized users. In fact, identity management is central to most of the key security concerns related to cloud, including
  • Access via mobile devices
  • Access control
  • Ongoing compliance concerns
  • Comingling of customers' data
“With more than 30 years of information security innovations and more than 10 years of delivering enterprise cloud services, Oracle is the recognized leader in data security and identity management, and is in a unique position to meet these security challenges," says Coury.

To manage the entire user lifecycle—including privileged users such as DBAs—the state-of-the-art Oracle Identity Management solutions include access management, identity administration, directory services, and governance.

Oracle Cloud Services: Layered Approach
To ensure compliance with the ISO 2700 framework—the leading international standard for information management—as well as compliance with HIPAA, PCI, SOC 1, FISMA, DIACAP, and ISO 27001 and other key security standards, Oracle Cloud Services relies on multiple layers of security.

Security information and events management (SIEM) system. The result of three years of fine-tuning, Oracle's SIEM system tracks the more than 150 million events that occur daily across the Oracle Cloud Services network—and rapidly identifies unusual events that require human intervention.
Advanced security options. Since not all organizations require the same level of security, Oracle Cloud Services offers single-tenancy options to ensure data segregation, plus optional tools such as Oracle Audit Vault, Oracle Data Masking, and Oracle Adaptive Access Manager.
Regular audits. Oracle Cloud Services undergoes auditing multiple times per month, either by customers or independent auditors. In addition, an internal organization of white hat hackers have carte-blanche to attempt to break Oracle Cloud Services systems from anywhere in the world, unannounced. "Their activities and have been identified and stopped every single time," says Coury.

Watch the on-demand Webcast “Fraud and Security in the Cloud.”

Back to Top
Oracle Information InDepth newsletters bring targeted news, articles, customer stories, and special offers to business people who want to find out how to streamline enterprise information management, measure results, improve business processes, and communicate a single truth to their constituents.

Please send questions or comments to newsletter_feedback_us@oracle.com.

For answers to questions about subscribing, unsubscribing, and managing your Oracle e-mail communications preferences, please see the Oracle E-Mail Communications page.

Copyright © 2012, Oracle Corporation and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor is it subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.