Executive View

Oracle Data Safe

Oracle Data Safe is a cloud-based service that improves the security of Oracle databases on-premises and in the cloud by identifying risky configuration, users, and sensitive data, which allows customers to closely monitor user activities and ensure data protection and compliance.

Alexei Balaganski

ab@kuppingercole.com

1 Introduction

As recent market trends indicate, companies are increasingly adopting cloud-first strategies for their business developments. Scalability, flexibility, and predictable costs are the primary factors for the growing adoption of cloud services. Achieving better agility and innovation, lowering the time to market for their digital services, eliminating the costs of maintaining their own infrastructures – these are just some of the drivers that motivate businesses to migrate their applications, workloads, and, of course, data to public clouds. This trend has been ongoing for over a decade, but the global pandemic that forced most employees to work from home for months has boosted cloud adoption even further.

Unfortunately, changes to system deployment patterns, workforce realignment, and the adoption of new technologies complicate the security landscape. The number and sophistication of massive data breaches and cyberattacks that even the largest and best-prepared enterprises are facing nowadays continue to grow. Harsh compliance fines imposed by regulatory frameworks (PCI DSS, CPRA, or GDPR to name just the most notorious ones) further raise the losses. Unsurprisingly, protecting sensitive corporate data is becoming the highest priority for all organizations, even those that lack the necessary manpower and expertise to enforce it.

This continuous struggle of business drivers against security and compliance challenges has led to the current situation where hybrid IT infrastructures are the new norm, with organizations forced to maintain separate, often incompatible infrastructures on-premises and in a cloud (or in multiple clouds). The complexity brought by hybrid and multi-cloud IT infrastructures has massively increased the efforts needed to keep track of all sensitive information managed by an organization, to say nothing about classifying the data according to its sensitivity and then selecting and enforcing appropriate data protection and governance capabilities.

Many companies would love to outsource parts of these efforts to a qualified third party, just like they already do with less sensitive workloads. Indeed, the trend of consuming security tools delivered from the cloud is gaining popularity in recent years, and the ongoing pandemic has been a major boost for it as well. A “security cloud” that can replace a whole stack of traditional single-purpose security appliances but without the onerous task of separately deploying, operating, and integrating stand-alone tools. A unified security control center benefits distributed enterprises as well as small businesses working mostly from home.

A unified management console that replaces numerous disconnected security tools helps address an even more crucial problem: the general lack of full visibility across environments that makes the daily job of a security expert painfully complicated. Centralized management, analytics, and reporting can also greatly simplify the enforcement of regulatory policies and early detection of the changes that eventually may lead to compliance violations.

While cloud-based solutions for securing endpoints (Endpoint Detection and Response / EDR) and network access (Secure Access Service Edge / SASE) have proven to be quite popular with businesses, especially during the pandemic lockdown months, most companies still seem to be quite wary about cloud-delivered data protection services. The primary reason for this is, of course, the general reluctance of customers to expose their highly sensitive on-prem data to a service hosted and managed by a third party: this has massive compliance and security implications when data sovereignty is compromised or if the service itself has security problems. Under regulations like GDPR, such a data breach will be extremely costly.

An additional concern is the security solution’s complexity both in deployment and usage. This is especially noticeable when all a vendor offers is a suite of security tools for on-prem and cloud deployment. Some of those tools might not be well-integrated and may even come from recent acquisitions. After all, when opting for cloud-based security solutions, customers expect the convenience of a SaaS service but at the same level of assurance as traditional enterprise on-premises products.

This is exactly where Oracle offers a value proposition that very few competitors can match. On the one hand, the company is a veteran database vendor with decades of experience in database security and data protection. On the other, as a relative latecomer to the cloud market, the company had a chance to learn from the requirements of their enterprise customers and implement many data security and compliance controls directly in Oracle cloud services.

Last but by no means least, Oracle’s database portfolio is designed around a single multi-model database management platform with full feature parity on-premises and in the cloud, thus dramatically reducing the architectural complexity for hybrid deployments compared to any other cloud service provider.

With the next-generation, secure-by-design cloud infrastructure and the Autonomous Database with multiple data protection capabilities built-in, Oracle is ready to remove the majority of the compliance and security burden from their customers.

A critical pillar in this secure-by-design cloud architecture is Oracle Data Safe, the unified control center for Oracle databases for automating data governance and risk management activities.
We reviewed Data Safe when it was first released back in 2019, but Oracle has substantially expanded the service’s coverage and market positioning since which warrants an updated review.

Continue reading...
Read the full report and get access to KuppingerCole Research for 4 weeks.
Start Your Free Trial
Already a subscriber? Click here to login.