We’re sorry. We could not find a match for your search.

We suggest you try the following to help find what you’re looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try "application" instead of "software."
  • Start a new search.
Cloud Account Sign in to Cloud
Oracle Account

Security and Compliance for the US Public Sector's Most Important Workloads

Oracle Cloud Infrastructure's government cloud regions are purpose-built to provide the industry-leading performance, comprehensive security controls, and support for regulatory compliance efforts required by US public sector and Department of Defense (DoD) agencies as they shift mission-critical workloads to the cloud.

Security and Compliance for the US Public Sector's Most Important Workloads

Security-First Architecture

Oracle provides powerful and easy-to-manage cloud security for every workload. Oracle's security approach is based on seven core pillars that enable public sector agencies to achieve the isolation, data protection, control, and visibility needed to support security and compliance requirements. The seven core pillars include:

Open all Close all

Customer Isolation

  • Application and data assets are deployed in an environment that provides isolation from other tenants and Oracle’s staff, as well as isolation between the same tenant’s workloads. Oracle provides customer isolation through bare metal instances, virtual machine (VM) instances, virtual cloud networks (VCNs), and identity and access management (IAM) compartments.

Data Encryption

  • Always-on encryption protects data at rest and in transit, helping public sector entities meet compliance requirements regarding data encryption, cryptographic algorithms, and key management. Oracle provides default storage encryption, database encryption, as well as key management services (KMS) that enable customers to encrypt information using keys they control.

Security Controls

  • Effective and easy-to-use security management controls allow users to constrain access and segregate operational responsibilities. Oracle security controls cover networking, user authentication and authorization, and instance principals, and more.


  • Comprehensive log data and security analytics for auditing and monitoring data and application assets.

Highly Secure Hybrid Cloud

  • Integrate existing on-premise security solutions with Oracle cloud security services using virtual private networks (VPNs). Oracle supports third-party security solutions and offers identity federation capabilities that enable organizations to use existing users and groups in the cloud.

High Availability

  • Fault-tolerant data centers enable high-availability scale-out architectures and are resilient against network attacks, for constant uptime in the face of natural disasters and cybersecurity risks. Oracle offers end-to-end service level agreements (SLAs) that cover high availability, performance, and manageability.

Highly Secure Infrastructure

  • Oracle demonstrates its adherence to strict security standards through third-party audits, certifications, and attestations—and helps public sector agencies demonstrate compliance readiness to internal security and compliance teams, auditors, regulators, and the general public.

A Culture of Security

Oracle embraces a culture of security that is evident in every aspect of the design, testing, and rollout of cloud infrastructure and services. Oracle's technology and product decisions, network architecture, and certifications are all focused on protecting sensitive data and providing core-to-edge security.

A Culture of Security
Support for Regulatory Compliance

Support for Regulatory Compliance

Oracle Cloud Infrastructure has a comprehensive security compliance approach to build confidence with public sector organizations and can provide a broad spectrum of accreditations and capabilities designed to protect services, information, and data while preserving critical resources to support mission services.

  • The US Federal Risk and Authorization Management Program (FedRAMP)
  • The US DoD Information Assurance (DISA SRG impact level)
  • The Health Insurance Portability and Accountability Act (HIPAA)
  • ISO 27001
  • SOC1, SOC2