Keep Your Data Secure
Throughout the
Cloud Lifecycle

According to the 2020 Oracle and KPMG Cloud Threat Report, 96 percent of IT professionals are familiar with what’s called the cloud security shared responsibility model.

But while most are familiar, few are experts. In the same report, it was revealed that only 8 percent fully understand the shared responsibility model for all types of cloud services.³

Only 8 percent of IT professionals fully understand the cloud security shared responsibility model for all types of
cloud services

Oracle Security Zones is helping to change this. With the introduction of Oracle Security Zones, Oracle is shifting the cloud security shared responsibility model so that the cloud service provider can provide additional assistance to the customer. Layers of the shared responsibility model that IaaS customers were traditionally responsible for are being partially covered by Oracle Security Zones. And with Oracle Security Zones, configuration management, monitoring, and enforcement are improved.

In addition, there is additional protection provided by
various enforcement points including the control plane,
the data plane, and Oracle Cloud Guard for reactive enforcement. This will enable customers to focus more on the security strategy for the rest of their data and applications.

Oracle Security Zones can assist with the cloud security shared responsibility model in multiple ways, including:

• Denying public access to Oracle Cloud Infrastructure resources, such as databases and object storage buckets
• Enforcing the policy that detached storage resources must reside in the same secure compartment as the compute instance
• Encrypting resources with storage functions—such as block volumes, object storage buckets, and
  databases—with a customer-managed key