Close Search
No results found

Your search did not match any results.

We suggest you try the following to help find what you're looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try “application” instead of “software.”
  • Try one of the popular searches shown below.
  • Start a new search.
Trending Questions

Oracle Cloud Free Tier

Build, test, and deploy applications on Oracle Cloud—for free.

EURA and SaaS security topics

European Union Restricted Access (EURA) and SaaS Security

Rapid evolution of technology forces companies to undertake major changes in their current systems, tools, and infrastructure. To remain competitive in the market, companies are seeking solutions that will help them earn a profit and adjust their services in harmony with current regulations and technology. The adoption of cloud computing and SaaS services are helping companies gain an advantage by expanding their level of automation beyond the scope and value of what a conventional ERP solution does. Current global trends drive companies to assess business processes, reengineer them, and expand their level of automation to deliver higher efficiency and excellence in their operations—which ultimately benefits their customers.

With the growth of cloud computing and Software as a Service (SaaS) solutions, data sovereignty issues have become a greater focus for regulatory officers, especially after the adoption of new privacy laws, such as the General Data Protection Regulation (GDPR), the European Data Protection Board (EDPB (PDF)), and the pending regulation to fix the United States Cloud Act. GDPR requires that all personal data collected regarding European Union (EU) citizens must be either stored in the EU, where it is subject to European privacy laws, or within a jurisdiction that has similar levels of protection. In addition to data residency, this affects data processing and data access.

Market trends in the EU have led to a growing need for cloud services that are designed for the EU, located in the EU, operated by EU personnel, and continuously adapted to changes in EU including:

  • Dynamic regulatory compliance landscape
  • Political requirements
  • Risk mitigation needs

Oracle EURA is designed with data sovereignty in mind.

Map of EU member states

What is Oracle European Union Restricted Access Cloud Service?

Oracle European Union Restricted Access (EURA) Cloud Service for Oracle Fusion Applications is designed to address the data sovereignty and privacy concerns of our EU customers by ensuring that all customer service instances, customer data, and diagnostic data reside in EU data centers only. By restricting Oracle personnel access to customer data and diagnostic data by work location, only EU-based Oracle engineers can perform service management and maintenance. There is no location restriction on customer access, but Oracle operational access must be from within the EU. Oracle EURA is built on these standard Oracle Fusion applications:

These cloud services allow EU businesses to run their business applications in an Oracle Cloud environment that is dedicated to the EU. The services have EU-specific controls that are designed to meet the diverse requirements of EU countries.

Oracle EURA has obtained ISO27001 and CSA Star certifications.

What are the key SaaS security benefits?

1. Data sovereignty

By restricting data storage to EU data centers, Oracle EURA ensures data sovereignty in the EU. The service operates exclusively out of data centers in the EU, currently in Frankfurt (the primary data center) and Amsterdam (disaster recovery data center). EURA stores all the customer data and application diagnostics in the same environment, including trace files and memory dumps.

2. Data processing

Oracle EURA ensures that all data processing takes place in the European Union; not just core functionality, but also virus scans and other supporting services. No data leaves the European Union.

3. Data access

Controls are in place to ensure Oracle grants only EU-based personnel access to the cloud service and customer data for the purposes of service management. These access controls verify that personnel are employed in the EU. In addition, when logging in remotely from non-Oracle locations, geofencing is applied to verify that personnel are physically present in the EU.

Advanced security solutions for Oracle EURA

On top of the standard security within the Oracle solutions, an additional security layer is available within this solution.

1. Oracle Break Glass

Break Glass for Oracle Fusion provides customers with additional security by restricting administrative access to systems and services. With Oracle Break Glass, Oracle Support representatives cannot access your cloud environment to troubleshoot any issues unless they have approval and authorization from you, the customer.

In addition to such controlled access, data at rest is secured using Oracle Transparent Data Encryption (TDE) and Oracle Database Vault. You can control the TDE master encryption key and manage its lifecycle. With Break Glass:

  • Customer data in the Oracle Cloud environment is encrypted at rest using TDE, and it is protected and audited using Database Vault.
  • Break Glass access is time bound; it secures customer data by requiring customer approval for Oracle personnel to access the environment.
  • Break Glass provides only temporary access. The access credentials are programmatically reset after a preconfigured amount of time, typically 72 hours.
  • Break Glass access is audited and logged, and detailed reports are available.
  • You can upload, remove, or restore your TDE master encryption key from the applications console.

2. Oracle Data Masking

Companies run the risk of breaching sensitive data when copying production data into nonproduction environments to develop new apps, run tests, or perform data analysis. To perform real-world testing, nonproduction users need to access some of the original data—but not all the data—especially when the information is deemed confidential.

Oracle Data Masking reduces the risk by replacing the original sensitive data with fictitious data so that the data can be shared safely with nonproduction users.

With Data Masking, you can:

  • Limit sensitive data proliferation: Growing security threats have increased the need for companies to limit exposure of sensitive information. At the same time, copying production data for nonproduction purposes, such as test and development, is proliferating sensitive data, expanding the security and compliance boundary, and increasing the likelihood of data breaches.
  • Share what is necessary: Often, companies have to share a production data set with internal and external parties for various reasons. In some cases, it is efficient to extract and share a portion or subset of information instead of sharing the entire production dataset.
  • Comply with data privacy laws and standards: Data privacy standards, such as the GDPR, emphasize protecting sensitive information in nonproduction environments because these environments are often accessed by larger number of users with more privileges than typical in-production systems.

To learn more, contact your Oracle Sales Rep and ask about SKU #B91905 for Oracle Fusion Cloud.

Resources for
Why Oracle
Learn
What’s New
Contact Us