How Oracle Built Gen 2 Cloud as the Safe Place for Enterprises

According to a 2019 report from the U.S. Conference of Mayors, more than 170 recorded ransomware attacks against state and local government entities have been recorded since 2013.

by Jerry Niemeyer, director, Product Management, Oracle Cloud Infrastructure, Public Sector / May 15, 2020
SPONSORED

When Oracle set out to create the next generation cloud infrastructure, we knew we had to improve customer isolation relative to first generation public clouds. According to a 2019 report from the U.S. Conference of Mayors, more than 170 recorded ransomware attacks against state and local government entities have been recorded since 2013. Along with improvements in the fundamental design of cloud data centers, comprehensive security services are a focus of Oracle’s Gen 2 Cloud Infrastructure, because large entities such as governments, financial institutions and other regulated businesses are rich attack targets.

For our Oracle Gen 2 Cloud, we set out to approach security from multiple angles:

1. A “No virtualization” option: Customers can choose to deploy on Bare Metal or hosts with no Oracle code on them. This gives organizations maximum control of what is installed and accessible on their public cloud hardware.

2. Default Closed Virtual Cloud Network: An Oracle Cloud tenancy starts with a locked down environment by default. Security groups and policies must be set to allow access of any kind to cloud resources.

3. Encryption by Default: Always-on encryption protects customer data at-rest and in-transit. Access to programming interfaces (APIs) is also encrypted at the application layer – HTTPS.

4. Intuitive Access Management: Enforcing identity and access management policies is central to enforcing least privilege access but it can be challenging and error prone in public cloud. Oracle Cloud Infrastructure’s built-in Identity and Access Management uses a compartment construct where a compartment is akin to a department giving an intuitive way to map organizational groups and define rules for cloud access.

5. Automation: Configuration errors are the culprit in many cloud breaches where object stores known as bit buckets are left accidentally open or database backup are inadvertently left unencrypted. Oracle makes the tasks or managing core security functions like patching, monitoring security configurations and reducing privilege creep automated. Customers can have the Oracle Cloud security service take action on their behalf to apply a patch for instance or they can be alerted that the action is needed and urgent.

6. Resilience and Disaster Recovery: Data in storage and databases housed in the Oracle Cloud can be replicated and backed-up easily, even automatically so that it is available when needed even if events render the primary data sets unavailable.

Beyond the security enhancements, performance was a major consideration as we built Gen 2. The sheer size and scale of state and local governments led to some fundamental questions: Where can we take out latency? Where can we add bandwidth? How can we give customers the best performance experience possible? And we didn’t just approach performance at the compute layer, we looked at it in the network layer, and we looked at how to connect different services to one another. Ultimately, it’s about connecting clouds to one another and connecting on-prem environments to Oracle's cloud. So, throughout the development there’s been a big focus on performance and delivering it in every possible way.

One of our biggest focus areas for Gen 2 was scalability. The goal was to make cloud environments available in as many places to as many customers as possible. With Gen 2, you see delivery and deployment in many more regions. Our customers care about where their cloud lives. They don't want to have to communicate with a cloud environment halfway around the world. They'd like one in their own country, and in fact, they’d like two because one simply doesn’t give them the degree of redundancy and availability they need. The ability to scale by adding regions has therefore become the key to our Gen 2 strategy, and you can’t deliver at scale with an amalgamation of both homegrown and acquired technologies. You have to have a unified plan.

What did we end up with after all this? A next-generation cloud infrastructure that provides consistently high performing cloud with unmatched governance and security controls. Scaling, performance and security – that’s what Gen 2 is all about.

Find out more about how government organizations can leverage the benefits of Oracle next-generation cloud, including the automation it enables to improve security, reliability and operational efficiency. Visit oracle.com/stateandlocal

This content is made possible by our sponsors; it is not written by and does not necessarily reflect the views of e.Republic’s editorial staff.

Platforms & Programs