Between June 2016 and July 2019, a total of 166,349 independent incidences of data security breaches were reported to the Federal Bureau of Investigation (FBI). Although no known casualty, the breaches caused a loss of more than $26 billion and elevated business email compromise (BEC) scams as the most common and costliest form of cybercrime today.
These numbers are particularly alarming when coupled with the fact that 3 of the biggest 5 data security breaches ever, in terms of records compromised, have happened in the past two years, and all of them within the past half a decade. Poor security infrastructure was identified as the key fault in 3 of these breaches.
The FBI urges business organizations to implement measures that protect public information stored in their databases against BEC attacks by using stronger security protocols. Some regulations such as HIPAA for the U.S. healthcare industry and the U.K.’s Data Protection Act are already in place, and stricter regulations are anticipated in the near future as data becomes new oil. For instance, the U.S. Department of Labor’s policies instructs contractors to safeguard sensitive information at all times and mandates the protection of personally identifiable information (PII). The U.S. General Services Administration also applies PII for its employees, contractors, and clients.
In this scenario, Oracle Exadata Cloud at Customer service has emerged as a disrupter in the database as a service (DBaaS) industry. Exadata version 2 has completed 10 years of excellence in the DBaaS marketplace and rates end-to-end security paramount, noting that malware attacks have increased tremendously in recent times with a new variant released every 18 seconds. That being said, managed DBaaS with enhanced security must not mean reduced performance, and Oracle has taken that into the account too.
Oracle recently announced the Generation 2 Exadata Cloud at Customer with continued emphasis on meeting data sovereignty and data residency requirements for customers who demand their data to remain within on-premise data centers or a geographic location. Gen 2 Exadata Cloud at Customer is a product scripting a vision of enabling database cloud services for those who are reluctant to leveraging public cloud benefits owing to regulatory, business model, or network latency prerequisites.
How Oracle Exadata Cloud at Customer Enhances Data Security
Oracle Exadata Cloud at Customer databases come with two-pronged data security model – for data in transit and for data at rest, ensured by network encryption and encryption of the data residing in database files and backups respectively. The data moving across the network is protected by Oracle’s native Net Services encryption and integrity capabilities whereas the database files and backups achieve a secure rest by the encryption installed via a key management framework.
The following lists some additional features that make cloud at customer truly a remarkable product for business enterprises foraying in any and all industries including retail, healthcare, education, hospitality, banking, financial services, and insurance (BFSI), and manufacturing:
- Default settings including minimum packages and running services, token-based SSH access, local syslog auditing, and local TDE keys in password protected wallet
- Isolated operating systems, hypervisors, guest VMs, and Oracle databases to protect from Oracle Cloud Operations
- Advanced support gateway security and logging features to protect from unauthorized access to Cloud at Customer infrastructure and provide transparency when a Cloud operation staff accesses infrastructure
- Only customers have access to root controls and the password is never shared with Oracle Cloud Operations
- Customers can install agents and configure remote syslog to implement their own security best practices
- Capability to implement iptables firewall
Data security threats are more real now than ever before, and Generation 2 of Oracle Exadata Cloud at Customer emphasises on it. Besides managed DBaaS industry’s best performance, the new release comes with several security features that makes it ideal for all businesses.