This image illustrates the shared security responsibility model.
- You are responsible for security in the cloud.
- Customer data: Manage user credentials and other account information.
- Account access management, and application management: Guard against insecure user access behavior, implement strong IAM policies, and take care of patching your applications.
- Network and firewall configuration: Use security rules and routing rules.
- Client-side encryption: Use the Vault service to manage keys.
- Oracle is responsible for security of the cloud. We protect the hardware, software, networking, and facilities that run Oracle Cloud services.