Oracle Cloud Infrastructure Security Guide

Oracle Cloud Infrastructure enables enterprises to maximize the number of mission-critical workloads that they can migrate to the cloud while continuing to maintain their desired security posture and reduce the overhead of building and operating data-center infrastructure. With Oracle Cloud Infrastructure, enterprise customers get unparalleled control of and transparency into their applications running in the cloud, including:

  • Customer isolation that allows you to deploy your application and data assets in an environment that commits full isolation from other tenants and Oracle’s staff, as well as between the same tenant’s workloads.
  • Always-on encryption that protects customer data at-rest and HTTPS-only public APIs.
  • Easy-to-use IAM policies that allows you to constrain access to your services and segregate operational responsibilities to reduce risk associated with malicious and accidental user actions.
  • Security zone policies that allow you to be confident that your resources comply with security principles and best practices related to encryption, network access, and so on.
  • Comprehensive log data that allows you to audit and monitor actions on your resources, helping you to meet your audit requirements while reducing security and operational risk.
  • Identity federation that allows you to use your existing users and groups in the cloud.
  • Support for bringing in third-party software solutions for protecting customer data and resources in the cloud.
  • Fault-independent data centers that enable high availability scale-out architectures and are resilient against network attacks, ensuring constant uptime in the face of disaster and security attack.
  • Rigorous internal processes and use of effective security controls in all phases of cloud service development and operation.
  • Adherence to Oracle’s strict security standards through third-party audits, certifications, and attestations. Oracle helps customers demonstrate compliance readiness to internal security and compliance teams, their customers, auditors, and regulators.

All of the Oracle Cloud Infrastructure security capabilities have been designed with one goal in mind: allowing you to run your mission-critical workloads in the cloud with complete control and confidence. Oracle continues to invest in the above areas and more to offer unmatched security and assurance to enterprise customers.

For an overview of Oracle Cloud Infrastructure's security, see Security Overview.

For service-specific best practices and policy examples, see Security Best Practices.