Cybersecurity is an important aspect and becomes more precarious when organizations turn to the cloud to implement strategic applications. Data is the new oil of the 106st century. The opportunity presented by the cloud also presents challenges, and that is the nature of the opportunity. Among the Big Data breaches that drew attention last year, Capital One, an Amazon Web Services (AWS) customer, announced a data breach that revealed personal information such as transaction data, credit scores, payment history, balances and, for some linked bank accounts, Social Security numbers of 2 million people in the United States and Canada. The data breach was an exploit of a configuration problem in a firewall, which is usually fixed with security checks and routine audits. This incident shows just how complicated today's enterprise security deployments are, as the risk landscape is constantly changing. Equifax was fined for failing to fix 1% of its database management while the rest got fixed while more than 2 million people, usernames and passwords were stolen from Superma's Biostar 3 security platform. According to security research firm VpnMentor, the personal and employment data of thousands of British professionals, as well as data stored by several British consulting firms, had not been protected in the AWS S3.1 database for the past several years. "There is no greater challenge today than the risks we may be exposed to. As we go online, the threats become more real with a larger area and the bad guys are also using the same emerging technologies to start a highly sophisticated war against us. said Steve Daheb, Oracle's senior vice president. cloud. "We believe the role of the technology provider is to do the integration work for you, whether it's through automation or services and support while you focus on what's good for business," he said. Imagine a product that fixes, manages and eliminates human error, and that's what sets Oracle apart from AWS and other cloud providers, he said. "XNUMX million cybersecurity professionals are going to be needed in the United States alone, and we can't find enough people," he said.
Patch in microseconds
Not all companies can afford to hire security professionals, said Wim Coekaerts, Oracle's senior vice president of operating systems and virtualization engineering, adding that many people think the cloud is not secure and therefore "we will have our own standards and security features. This is not the right approach, he said, and everyone has to start from scratch and it's dangerous. “As a company, we can hire a lot of security professionals to do this on a large scale. In order for us to evolve, we have to do it ourselves on a standalone database and standalone cloud,” he said. To make arrangements, he said they ( customers) they had to remove the applications and then the database and after fixing them they had to restart the OS, restart the database and they applications." From a technical point of view, you have to follow all these steps. From a practical point of view, a company should hire a project manager. You have to contact the people in the apps if they accept the recession, and then you have to talk to the people in the database," he said. So the entire patch schedule from an individual company is really expensive. So, the company is exposed for a few months, he said. Oracle claims it has an IP address that allows it to patch the operating system in eight microseconds without shutting down the system. "We did 120 million fixes in four hours across the cloud and no one knew it. We have not restarted the server or applications. It's really important to do fixes without downtime. If this has an impact on the user, you don't want to do it and there will be a delay," Coekaerts said. Also, Oracle does it for you and not as a plugin.
Safer Internet Initiative
Laurent Gil, product strategy architect at Oracle, said Oracle internally has data scientists and engineers in the cloud security product space to make it more intelligent and automated. By launching the Internet routing 3D visualization service, as part of a more secure Internet initiative, he said Oracle aims to increase public understanding of Internet routing events, such as BGP leaks, which redirects traffic. intended recipient in order to defraud visitors or simply to steal data or due to incorrect configuration errors causing a black hole for Internet traffic and rerouting through views. According to the Internet Society, a nonprofit organization, in 2018 there were more than 12,000 routing failures or leaks. "Oracle's goal is to make the Internet more secure so that all users can feel confident moving sensitive data to the cloud and operating critical workloads in a secure environment." line," Gil said. Oracle has a completely different approach to security, Daheb said, and "we need to think more globally when it comes to multi-cloud and hybrid cloud environments." It's also about protecting high-end users of applications , data and infrastructure." "We are looking at how to use AI, machine learning and autonomous technologies and implement them in our security offerings." Data is encrypted by default,” he said. In addition, he said that Oracle offers a self-managing, intelligent database to bring a high degree of automation to routine administrative tasks. A standalone database is a cloud database that eliminates the complexity, human error, and manual management associated with database tuning, security, backups, and updates; tasks traditionally performed by database administrators. With an independent database, he asserted that these types of breaches do not occur and that independent capabilities are built into each component of the product portfolio. According to KuppingerCole Analysts AG, Oracle was named a world leader in database and big data security in 2019. That is why Oracle's cloud database and infrastructure are well protected and encrypted, Daheb added.