Posts

Showing posts from 2019

Part 4 of 4 - Oracle IaaS and Seven Pillars of Trusted Enterprise Cloud Platform

Image
  Note : My original blog series was published in ORACLE CLOUD INFRASTRUCTURE blog site. I have republished it here with permission. Official Disclaimer : The views and opinions expressed in this blog are those of the author and do not necessarily reflect the official policy or position of Oracle Corporation. The concluding post of this series, in which we mapped Oracle's seven pillars of a trusted computing platform to Oracle Cloud Infrastructure security capabilities, covers a few services that were introduced or enhanced since the publication of earlier posts ( Part 1 , Part 2 and Part 3 ), along with relevant services from the Oracle Cloud Security portfolio for enterprises. New and Enhanced Features First, let's explore the major new services and features that enhance the security of customer environments on Oracle Cloud Infrastructure. Encrypt your Data using Keys you Control In October 2018, we announced the release of Oracle Cloud Infrastructure Key

Part 3 of 4 - Oracle IaaS and Seven Pillars of Trusted Enterprise Cloud Platform

Image
  Sanjay Basu Note : My original blog series was published in ORACLE CLOUD INFRASTRUCTURE blog site. I have republished it here with permission. Official Disclaimer : The views and opinions expressed in this blog are those of the author and do not necessarily reflect the official policy or position of Oracle Corporation. This post is the third one in the series in which we are mapping Oracle's seven pillars of a trusted computing platform to Oracle Cloud Infrastructure security capabilities. This post covers the rest of the pillars. The fourth and final installment in this series will highlight some security services and enhancements that have been added to the portfolio.   Links to Part 1 and Part 2 . 5: Secure Hybrid Cloud Oracle Cloud Infrastructure supports SAML 2.0 federation via Oracle Identity Cloud Service ( IDCS ), Microsoft Active Directory Federation Service (ADFS), and any SAML 2.0 compliant identity provider. Customers can also use Oracle Cloud

Part 2 of 4 - Oracle IaaS and Seven Pillars of Trusted Enterprise Cloud Platform

Image
 Sanjay Basu Note : My original blog series was published in ORACLE CLOUD INFRASTRUCTURE blog site. I have republished it here with permission. Official Disclaimer : The views and opinions expressed in this blog are those of the author and do not necessarily reflect the official policy or position of Oracle Corporation. This is the second part of our blog series where we do a deep dive into the Oracle Cloud Infrastructure security approach. As a recap, we design our security architecture and build security solutions based on seven core pillars . And under each of these pillars, we focus on delivering solutions and capabilities to help ensure our customers can improve the security posture of their overall cloud infrastructure. In the first post, we discussed how we enable customers to achieve isolation and encrypt their data . In this post, we dig into our 3rd and 4th pillars, and discuss how you can obtain the security controls and visibility needed for your cloud envi

Part 1 of 4 - Oracle IaaS and Seven Pillars of Trusted Enterprise Cloud Platform

Image
Sanjay Basu Note : My original blog series was published in ORACLE CLOUD INFRASTRUCTURE blog site. I have republished it here with permission. Official Disclaimer : The views and opinions expressed in this blog are those of the author and do not necessarily reflect the official policy or position of Oracle Corporation. Oracle Cloud Infrastructure’s security approach is based on seven core pillars. Each pillar has multiple solutions designed to maximize the security and compliance of the platform. You can read more about Oracle Cloud Infrastructure's security approach here . The seven core pillars of trusted enterprise cloud platform are: Customer Isolation Data Encryption Security Controls Visibility Secure Hybrid Cloud High Availability Verifiably Secure Infrastructure Oracle employs some of the world’s foremost security experts in information, database, application, infrastructure, and network security. By using Oracle Cloud Infrastructure, our customers

OCI Object Storage: Copy Objects Across Tenancies Within a Region

Image
Note : My original blog was published in ORACLE CLOUD INFRASTRUCTURE blog site on April 15th, 2019. I have republished it here with permission. Official Disclaimer : The views and opinions expressed in this blog are those of the author and do not necessarily reflect the official policy or position of Oracle Corporation. This post was developed jointly with Mohamad Charaf, Oracle Enterprise Cloud Architect. If you have two tenancies in the same region, and you want to copy data that is stored in Object Storage from one tenancy to the other without making the buckets public, this action requires some additional types of identity and access management (IAM) policies. This blog post walks you through how to create these policies. For this example, the source tenancy is named ACMEBMCS and the destination tenancy is named ACMEOCISA. In ACMEBMCS, the Object Storage buckets are in the benchmark compartment. In ACMEOCISA, the target compartment is oracleexa . The follow

Configuring a Custom DNS Resolver and the Native DNS Resolver in the Same VCN

Image
Note: My original blog was published in ORACLE CLOUD INFRASTRUCTURE blog site on August 22nd, 2018. I have republished it here with permission. Official Disclaimer: The views and opinions expressed in this blog are those of the author and do not necessarily reflect the official policy or position of Oracle Corporation. One of the main objectives of the Oracle Cloud Infrastructure Blog is to serve as a forum for Cloud Solutions Architects and Product Managers to provide best practices, introduce new enhancements and offer tips & tricks for migrating and running your most important workloads in the Oracle Cloud. I'm a Solutions Architect myself, and my job is to engage with customers from the design phase all the way through to implementation. And because I've had the privilege of working on so many customer deployments we have visibility into issues and needs that span multiple accounts. The joy in this customer-vendor feedback loop comes in finding repeatable

Guidance for Setting Up a Cloud Security Operations Center (cSOC)

Image
Note : My original blog was published in ORACLE CLOUD INFRASTRUCTURE blog site on August 20th, 2018. I have republished it here with permission. Official Disclaimer : The views and opinions expressed in this blog are those of the author and do not necessarily reflect the official policy or position of Oracle Corporation. Establishing a security operations center (SOC) is one of the primary requirements for managing cybersecurity-related risks in the current information age. This post provides general DIY guidance for building a SOC primarily for Oracle Cloud, including both platform-as-a-service and infrastructure-as-a-service offerings. This general guidance is also applicable to hybrid cloud environments. As more businesses are relying on interconnected technologies, like IoT sensors and cloud-based platforms, it’s becoming unmanageable to respond to cyberthreats and resulting incidents without having proper visibility across the cyberthreat landscape. So it’s