| Oracle® Retail Merchandising Cloud Service Suite Security Guide – volume 1 Release 22.1.201.0 F55869-01 |
|
 Previous |
| Oracle® Retail Merchandising Cloud Service Suite Security Guide – volume 1 Release 22.1.201.0 F55869-01 |
|
Previous |
This section includes a number of specific questions related to security that are frequently asked by prospects, customers and implementers.
Table 6-1 FAQs
| Question | Answer |
|---|---|
|
Does Merchandising Cloud Service Suite support data encryption? |
Yes. Sensitive Personal Data is stored in encrypted tablespace. All data is encrypted in transit, Merchandising Cloud Service Suite uses TLS for secure transport of data. |
|
Does Merchandising Cloud Service Suite provide network segregation? |
Yes. The Oracle Cloud network is isolated from the Oracle corporate network. |
|
Does Merchandising Cloud Service Suite provide secure backups? |
Yes. Backup is a standard process for the Merchandising Cloud Service Suite. Database and application servers backed up both incrementally (daily) and fully (weekly). Backups are stored for at least 60 days. |
|
Does Merchandising Cloud Service Suite provide centralized logging? |
Yes. All application and infrastructure logs are forwarded to a centralized Security Information and Event Management system. |
|
Does Merchandising Cloud Service Suite provide antivirus? |
Yes. All files uploaded into Merchandising Cloud Service Suite are scanned by anti-virus and anti-malware software. All hosts in the cloud service are regularly patched with the latest critical patch updates. |
|
Does Merchandising Cloud Service Suite provide strong authentication options such as 2-factor, one-time Password? |
Multi-Factor Authentication is an option if a customer chooses to license the Standard Tier of IDCS or OCI IAM. |
|
Does Merchandising Cloud Service Suite include a configurable warning banner which is presented upon login? |
Terms of Use is an option if a customer chooses to license the Standard Tier of IDCS or OCI IAM. It presents disclaimers and acceptable use policies to users. |
|
Does Merchandising Cloud Service Suite implement access lists to secure each tier of the solution? |
Yes. Communication between tiers within Merchandising Cloud Service Suite is limited by subnet ingress security lists. |
|
Does Merchandising Cloud Service Suite include and support the capability to change default account passwords? |
All user password management occurs in IDCS or OCI IAM. |
|
Does Merchandising Cloud Service Suite support Roles with defined access levels? |
Yes. Oracle Retail Enterprise roles span Oracle Retail applications. Within Merchandising Cloud Service Suite, privileges and duties can be assigned to roles to define what is accessible to certain types of users. |
|
Does Merchandising Cloud Service Suite support synchronizing with an external time source? |
All hosts within the solution are synchronized to the same time source. |
|
Does Merchandising Cloud Service Suite provide strong password options such as complexity, history, aging, account lockout. |
IDCS or OCI IAM provides robust password policy management functionality. When a user creates a password, IDCS or OCI IAM validates the password against the password policies. More information about password policies is available at |
