Oracle Cloud Infrastructure Security Guide

Oracle Cloud Infrastructure enables enterprises to migrate their mission-critical workloads to the cloud while continuing to maintain the same security posture. Reduce the overhead of building and operating data center infrastructure without sacrificing security.

With Oracle Cloud Infrastructure, enterprise customers get maximum control of and transparency into their applications running in the cloud, including:

  • Customer isolation that allows you to deploy your application and data assets in an environment that commits full isolation from other tenants and Oracle's staff, as well as between the same tenant's workloads.
  • Always-on encryption that protects customer data at-rest and HTTPS-only public APIs.
  • Easy-to-use IAM policies that allow you to constrain access to your services, and to segregate operational responsibilities to reduce risk associated with malicious and accidental user actions.
  • Security zone policies that allow you to be confident that your resources comply with security principles and best practices related to encryption, network access, and so on.
  • Detection of security weakness in resource configuration, and detection of risky activities performed by operators and end users.
  • Comprehensive log data that allows you to audit and monitor actions on your resources, helping you to meet your audit requirements while reducing security and operational risk.
  • Identity federation that allows you to use your existing users and groups in the cloud.
  • Fault-independent data centers that enable high availability scale-out architectures and are resilient against network attacks, ensuring constant uptime in the face of disaster and security attack.
  • Support for third-party software solutions for protecting customer data and resources in the cloud.
  • Rigorous internal processes and use of effective security controls in all phases of cloud service development and operation.
  • Adherence to Oracle's strict security standards through third-party audits, certifications, and attestations. Oracle helps customers demonstrate compliance readiness to internal security and compliance teams, and to their customers, auditors, and regulators.

All Oracle Cloud Infrastructure security capabilities have been designed with one goal in mind: allowing you to run your mission-critical workloads in the cloud with complete control and confidence. Oracle continues to invest in these areas and more to offer unmatched security and assurance to enterprise customers.

  • For a general overview of Oracle Cloud Infrastructure security concepts, see Security Overview.
  • For an overview of the security services in Oracle Cloud Infrastructure, see Security Services.
  • For an overview of the security capabilities in core services like Compute, Networking, and Block Volume, see Security for Core Services.
  • For general recommendations on getting started with Oracle Cloud Infrastructure security, see Securing Your Tenancy.
  • For service-specific best practices and policy examples, see Security Best Practices.