In this new IT 2.0 world, the data is the new oil. It’s protection and governance is critical. Companies like Arthur Anderson, Enron, and Equifax changes the regulation landscape every ten years or so. Just like how every airline-crash teaches us the new best practice and hence the regulations for the safety of the passengers and crew, many major security incidents have been teaching us also, a better way to run the digital business. IT compliance is very critical and is a backbone
Although compliance does not equate to a good security, a non-compliance definitely equates to unsecured systems and processes.
There are many tools and solutions for a number of decades helping organizations to comply. However, there is one problem. The regulations are dynamic. They are constantly changing, and are being updated all over the world parallels. For instance, GDPR is not just affecting Europe, it is affecting the companies globally, even if you are not doing any business with European companies or consumers. If you store any European’s citizen’s personal information be it your employee’s spouse or partner, you need to comply to GDPR.
There are many regulations from the state, federal, international, and industry-specific regulations. Keeping up with the compliance is costly, complex, and resource intensive. And, not keeping up with compliance is a business continuity problem, nor just a security problem.
Why not leverage the similarities in these regulations? How else can we keep updated with changing regulations worldwide in real-time?
The solution is a new cloud-based approach to use an unified platform that helps you with IT and security analytics. Compliance is a function of your IT configurations, log analytics, security & infrastructure monitoring, and of course data security. Also, it needs an additional compliance analytics to ensure the visibility, snapshot, scorecard, and trend of compliance in your organization.
Many of the regulations recommend you to have a strong data protection measures around the personal data. It also recommends having strong security controls and configurations around network devices. Most regulations need a strong role-based, access-controlled systems with proper controls around authentication and authorization. Therefore, the similarity in most regulations is to have data, apps, user, and network security. Or in short, the regulations are about securing where the data is received, processed, transferred, or stored.
Oracle has been an undisputed leader for the last 40 years in data management for over 400,000 customers. It has learned a thing or two about the data while protecting and managing it for four decades. We are very excited to add this capability into our Oracle Management Cloud to help you with your organization’s compliance requirements.
Oracle is announcing a major update to its strong management cloud platform, called Oracle Configuration and Compliance (OCC) Cloud Service. It is an analytics-driven compliance management solution that leverages the similarities across PCI, HIPAA, SOX, GDPR, ISO, etc., and ensures the security of your users, apps, and data.
OCC leverages a strong proven platform that delivers APM, DevOps, and SecOps to now also discover IT assets, assess users and network, enforce configurations, monitor for controls, and remediate violations.
OCC has seamlessly integrated an unified platform with infrastructure monitoring capabilities to enable ultra-fast forensic investigation and to help with the audit reports on a regular basis. Compliance also creates a big data problem, which is solved easily through a built-in data cloud within the Oracle Management Cloud platform.
You get is a unified platform for IT Ops, DevOps, APM, and SecOps that leverages similarities in regulations, and provides industry-best practices for compliance. This is delivered through a cloud-based service that can be deployed in minutes in a brand-new, consumption based, business model that is unique to enterprise cloud services.
Learn more here: https://www.oracle.com/cloud/configuration-compliance.html
Sridhar Karnam 