We’re sorry. We could not find a match for your search.

We suggest you try the following to help find what you’re looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try "application" instead of "software."
  • Start a new search.
Cloud Account Sign in to Cloud
Oracle Account

Data Security: Physical and Environmental Controls

Overview

Oracle Global Physical Security is responsible for defining, developing, implementing, and managing all aspects of physical security for the protection of Oracle’s employees, facilities, business enterprise, and assets.

Preventive Controls: Protecting Oracle Assets and Employees

Oracle has implemented the following protocols:

  • Physical access to facilities is limited to Oracle employees, contractors, and authorized visitors.
  • Oracle employees, subcontractors, and authorized visitors are issued identification cards that must be worn while on Oracle premises.
  • Visitors are required to sign a visitor’s register, be escorted and/or observed when they are on Oracle premises, and/or be bound by the terms of a confidentiality agreement with Oracle.
  • Security monitors the possession of keys/access cards and the ability to access facilities. Staff leaving Oracle’s employment must return keys/cards and key/cards are deactivated upon termination.
  • Security authorizes all repairs and modifications to the physical security barriers or entry controls at service locations.
  • Oracle use a mixture of 24/7 onsite security officers or patrol officers, depending on the risk/protection level of the facility. In all cases officers are responsible for patrols, alarm response, and recording of security incidents.
  • Oracle has implemented centrally managed electronic access control systems with integrated intruder alarm capability and CCTV monitoring and recording. The access control system logs and CCTV recordings are retained for a period of 30-90 days as defined in Oracle’s Record Retention Policy which are based on the facility’s function, risk level and local laws.

Data Center Security

Data centers hosting Oracle cloud services are designed to help protect the security and availability of customer data. This approach begins with Oracle’s site selection process. Candidate sites and provider locations undergo an extensive risk evaluation that considers environmental threats, power availability and stability, vendor reputation and history, neighboring facility functions (for example, high-risk manufacturing or high-threat targets), standards compliance, and geopolitical considerations among other criteria.

Oracle cloud service data centers align with Uptime Institute and Telecommunications Industry Association (TIA) ANSI/TIA-942-A Tier 3 or Tier 4 standards and follow a N2 redundancy methodology for critical equipment operation. Data centers housing Oracle Cloud Infrastructure services use redundant power sources and maintain generator backups in case of widespread electrical outage. Server rooms are closely monitored for air temperature and humidity, and fire-suppression systems are in place. Personnel are trained in incident response and escalation procedures to address security and availability events that may arise.