Shows opened padlock to represent security threat

Why automation will become the most reliable way of preventing, detecting, and mitigating security threats

Modern organisations are taking advantage of new and innovative technology, transforming their business operations, continuously improving efficiencies, delivering high levels of customer service, and unearthing new opportunities for products and services that wouldn’t have been conceivable 5-10 years ago. This transformation comes at a price however, and the same technologies used to drive businesses forward are also being deployed maliciously, primarily for financial gain (71% of data breaches were financially motivated, according to Verizon’s 2019 Data Breach Investigations Report) or to gain a strategic advantage. Businesses face greater numbers of security related events more frequently and in different guises than they did five years ago, with attacks on individuals using social channels becoming more prevalent. Alongside this, workforces are hypermobile, well used to downloading applications and accessing, storing and transmitting corporate data anywhere and on any device. In order to keep this edge data secure, businesses must now do more than simply protect against attacks, they must try and prevent them from happening in the first place, wherever the user happens to be and whatever device they happen to be using.

So how do you do that?

The first step is to identify genuine threats from the vast swathes of security incident data that is collected for analysis from a myriad of different sources. They are deliberately not easy to spot, and attackers will use next generation technologies such as AI to hide amongst legitimate traffic. However, some AI and machine learning driven security solutions can analyse massive amounts of data from across any number of data sources, using the power of the cloud to process the analysis right across the organisation, from the edge to the core.

Oracle is one such security solution, enabling businesses to secure modern hybrid clouds with a set of security and management cloud solutions, which draw on data gathered from logs, security events, external threat feeds, database transactions and applications. It uses AI and machine learning technology to detect malicious intentions, then automates the process of finding available security patches and applying them, and all without downtime.

In addition, Oracle’s automated services encrypt production data and enforce user controls, so you don’t have to do it manually.

As we’ve mentioned, to protect data from edge to core, organisations must implement a multi-layered strategy, and when using the cloud, don’t assume that all data protection responsibility lies with the cloud provider. Most cloud providers assume a shared responsibility model, where they offer assurances around the security of the data held on their infrastructure, but access to that data and SaaS data is usually the responsibility of the customer. Consider layering your security solutions to protect every layer of data and each access point, including a Cloud Access Security Broker and Identity Access Manager which will monitor, detect threats, automate the identity management process, sending alerts if anomalous behaviour occurs and remediate wherever possible, without the need for human intervention. Making this work across heterogenous technology on different platforms, on-premises, in the public cloud and in private clouds, is the trickiest part, but Oracle has got it absolutely spot on. Consider the manual alternative, thousands or even millions of security alerts coming into different management consoles, to be sifted through, users to be authorised and behaviour to be monitored and analysed, patches sought and applied and data to be encrypted. It doesn’t bear thinking about.

WTL offer a range cybersecurity solutions which employ next-generation features to ensure you remain one step ahead of the cybercriminals.

Useful Links

Verizon’s 2019 Data Breach Investigations Report

Oracle Cloud Essentials – Secure and Manage Hybrid Clouds

Oracle’s Top 10 Cloud Predictions 2019

Oracle Cloud – everything you need to know

Why Cloud?

It’s a well-publicised fact that cloud adoption is rising at a speedy rate, but why? Essentially, there are three main reasons customers adopt cloud. Firstly, they are looking at ways of reducing the cost and complexity of their on-premises infrastructure. Secondly they would like to accelerate IT delivery by using the cloud for specific projects and finally, they want to create versatile business models to gain a competition edge or disrupt the market.

We’ve all heard of the main public cloud providers, but Oracle Cloud is gaining popularity amongst enterprise customers for a number of reasons.

Why Oracle Cloud?

Oracle Cloud is a next-generation public cloud architected that has been designed specifically to run enterprise applications and databases. It is as elastic and flexible as the first-generation public clouds, but allows additional control, security, performance and predictability which rival those of an on premises deployment. In fact, alongside public cloud and hybrid cloud deployments, Oracle also offers an option called Oracle Cloud at Customer which allows customers to deploy Oracle cloud as a private cloud behind their own firewall.

Oracle’s native toolset enables developers to build their own next-generation, cloud native and mobile apps in the cloud, and allow them to run traditional enterprise apps alongside cloud native apps. Oracle cloud users can strip right back to the bare metal infrastructure to install the exact operating systems, middleware and databases they need.

The toolset includes migration tools to move existing apps to the cloud without the need to rearchitect the apps, even those that have been customised. With any migration we perform though, skilled consultants from WTL and Oracle are on hand for trickier applications.

High Performance

Customers with high performance computing workloads like crash tests, real time analytics, modelling insurance risks or testing new manufacturing materials can rest easy that Oracle cloud can handle the workloads. It offers powerful CPU options, massive memory capabilities and dense storage capacity.

High bandwidth, low latency networks connect servers to file, block and object storage resources making Oracle ideal for customers who need the highest levels of performance. In fact, it can perform up to 5 million I/O operations per second for the most demanding tasks.

But where could Oracle cloud be used to best effect? For customers looking for a DevTest cloud environment, Oracle cloud allows them to test new app versions, validate security patches and test cloud native architectures and features.

For customers using the cloud for production applications, the single tenant, high performance bare metal servers are ideal for high performance computing and are highly available because of the load balancing, real application clustering and multiple availability domains.

Some customers use Oracle cloud for their backup and DR processes, because of its built-in storage resiliency, availability and security and automated backup features.

Finally, Oracle is ideal for extending a serviceable on premises environment to the cloud, without decommissioning the legacy equipment. On premises infrastructure can be connect to the new cloud infrastructure with a VPN or FastConnect, for seamless movement between the two.

Security

With the use of cloud in enterprise computing comes much concern about security, so this is a key area of concern for Oracle. Users access Oracle cloud resources via Oracle Identity and Access Management technology which allows role-based access controls and granular allocation and auditing features. Access to specific cloud compartments can be granted per person, per project or per group, as needed for additional security.

The whole cloud infrastructure is built with security embedded at every level, and the whole environment is monitored and protected by a 24/7 network operation centre staffed by skilled security professionals.

All great features, but how is it different to first generation cloud vendor solutions? Oracle Cloud moves the virtualisation layer to the physical network, utilising what’s known as off box virtualisation and creating single tenant servers. Customers use a virtual cloud network which is isolated from other customers for added security.

Oracle cloud is not just great for Oracle applications, although of course it IS fully optimised to run Oracle enterprise databases and applications, it is ideal for any business running any mixed workloads, regardless of throughput or security requirements.

Useful Links

Oracle Cloud Infrastructure Purpose-Built for the Enterprise

Next-Generation Cloud Delivers Enterprise Scale