Secure Data
How Does OCI Ensure That Data Compliance is Adhered To?
For data stored in Oracle databases, we recommend the use of Oracle DataSafe. DataSafe is an OCI service that provides the ability to execute security and user assessments to identify risks related to configuration and privileges. Database audit data is held securely within DataSafe, allowing future analysis. Sensitive Data can also be specified, flagged and masked when needed for non-production use. These capabilities can help customers meet compliance requirements such as GDPR (EU) and the CCPA (US).
For more information about DataSafe, please see hereā¦
How Does OCI Protect Data From Being Read in An Unauthorized Manner?
For customer tenant data, Oracle uses encryption at rest and in transit. The Block Volumes and Object Storage services enable at-rest data encryption by default using the Advanced Encryption Standard (AES) algorithm with 256-bit encryption. In-transit control plane data is encrypted by using Transport Layer Security (TLS) 1.2 or later.
For more information; Object Store Encryption Overview of Block Volumes
How Are Encryption Keys Managed in OCI?
Oracle Cloud Infrastructure Vault is a managed service that lets you centrally manage the encryption keys that protect your data and the secret credentials you use to access resources securely. Vaults securely store master encryption keys and secrets that you might otherwise store in configuration files or code. Specifically, depending on the protection mode, keys are either stored on the server or stored on highly available and durable hardware security modules (HSM) that meet Federal Information Processing Standards (FIPS) 140-2 Security Level 3 security certification.
For more information, please see;