7 Frequently Asked Questions
This chapter includes a number of specific questions related to security that are frequently asked by prospects, customers and implementers.
Table 7-1 Frequently Asked Questions
| Question | Answer |
|---|---|
|
Does Brand Compliance Cloud Service support data encryption? |
Yes. All data is stored in encrypted tablespace at rest, and is encrypted in transit. Brand Compliance Cloud Service uses TLS for secure transport of data. |
|
Does Brand Compliance Cloud Service provide network segregation? |
Yes. The Oracle Cloud network is isolated from the Oracle corporate network. |
|
Does Brand Compliance Cloud Service provide secure backups? |
Yes. Backup is a standard process for Brand Compliance Cloud Service. Database and application servers are backed up both incrementally (daily) and fully (weekly). Backups are stored for at least 60 days. |
|
Does Brand Compliance Cloud Service provide centralized logging? |
Yes. All application and infrastructure logs are forwarded to a centralized Security Information and Event Management system. |
|
Does Brand Compliance Cloud Service provide anti-virus? |
Yes. All files uploaded into Brand Compliance Cloud Service are scanned by anti-virus and anti-malware software. All hosts in the cloud service are regularly patched with the latest critical patch updates. |
|
Does Brand Compliance Cloud Service provide strong authentication options such as 2-factor, one-time Password? |
Multi-Factor Authentication is an option if a customer chooses to license the Standard Tier of IDCS or OCI IAM. |
|
Does Brand Compliance Cloud Service include a configurable warning banner which is presented upon login? |
Terms of Use is an option if a customer chooses to license the Standard Tier of IDCS or OCI IAM. It presents disclaimers and acceptable use policies to users. The Brand Compliance application also allows for the configuration of portal specific terms and conditions, which are presented for the user to accept or reject upon first login. |
|
Does Brand Compliance Cloud Service implement access lists to secure each tier of the solution? |
Yes. Communication between tiers within Brand Compliance Cloud Service is limited by subnet ingress security lists. |
|
Does Brand Compliance Cloud Service include and support the capability to change default account passwords? |
All user password management occurs in IDCS or OCI IAM. |
|
Does Brand Compliance Cloud Service support Roles with defined access levels? |
Yes. Oracle Retail Enterprise roles span Oracle Retail applications. Within Brand Compliance Cloud Service, privileges and duties can be assigned to roles to define what is accessible to certain types of users. |
|
Does Brand Compliance Cloud Service support synchronizing with an external time source? |
All hosts within the solution are synchronized to the same time source. |
|
Does Brand Compliance Cloud Service provide strong password options such as complexity, history, aging, and account lockout? |
IDCS or OCI IAM provides robust password policy management functionality. When a user creates a password, IDCS or OCI IAM validates the password against the password policies. More information about password policies is available at https://docs.oracle.com/en/cloud/paas/identity-cloud/uaids/manage-oracle-identity-cloud-service-password-policies1.html. |