Oracle Public Cloud achieves new levels of compliance (Image credit Freeimages/linusb4
Oracle Public Cloud achieves new levels of compliance

Oracle announced that it has achieved several certifications for its public cloud offering. The announcement allows Oracle to compete effectively in a growing number of industries in which compliance is critical. Many of the existing Oracle solutions are already compliant but for its public cloud to achieve these certifications is significant as it will lower the cost for many.

The certifications were administered by Schellman & Co. a company that specialises in carrying out independent assessments for various industry standards. The certifications that the cloud services achieved included ISO 27001, HIPAA, SOC1 and SOC2. They will enable Oracle to launch a new marketing initiative in healthcare for example.

Public sector targeted?

This was a comprehensive map of testing across Oracle’s three columns of services. Various IaaS (Infrastructure-as-a-Service) and PaaS (Platform-as-a-Service) solutions received Service Organization Control (SOC) attestations. These included: Database Public Cloud Service, Java Public Cloud Service, Database Backup Cloud Service, Exadata Cloud Service, Big Data Cloud Service, Big Data Preparation Service, Big Data Discovery, Application Builder Cloud Service, Storage Cloud Service, Dedicated Compute Cloud Service, and Public Compute Cloud Service.

This is a significant step for Oracle, as it looks to upgrade government systems across the globe from its on premises solutions to cloud based ones. Governments across the globe are looking for less expensive but compliant solutions that they can replace their on-premises ones with. It will be interesting to see how quickly Oracle leverage their new certifications and what customer wins in public sector follow.

Healthcare key battleground

With healthcare organisations also looking to move to the cloud, Oracle is fighting against newcomer Salesforce in CRM. It now has HIPAA compliant solutions available, such as Enterprise Resource Planning (ERP), Human Capital Management (HCM), and Customer Relationship Manager (CRM) Cloud Service. The attestation of HCM will also enable it to compete more effectively against Workday for healthcare organisations. Workday already has HIPAA 834 compliance.

HIPAA compliance is table stakes for most healthcare organisations as it focuses on the protection of patient and personal data. Oracle has removed one competitive differentiator between the systems it competes against and it will be interesting to see how it measures up. The proof will be the real new business wins it accomplishes over the next few months.

Security key

All companies want to ensure that their data is safe in the cloud. It is surprising that it has taken Oracle this long to achieve the certification for ISO 27001, the information security management standard. Now it has been attained it should help accelerate SaaS sales. The public cloud SaaS suites that have now been certified include: Fusion ERP, HCM, CRM, Taleo Social, Taleo Business Edition, Service Cloud, Eloqua Marketing Cloud, BigMachines CPQ, and Field Service Cloud. 


Erika Voss, Global Senior Director, Public Cloud Compliance, Risk and Privacy, Oracle (Image credit Linkedin
Erika Voss, Global Senior Director, Public Cloud Compliance, Risk and Privacy, Oracle

In making such a single major announcement about its compliance, Oracle has ensured that its message is heard. Many companies quietly achieve certifications one by one, with no fanfare once completed other than the inclusion of a logo. With so many services completing the certification for several areas it makes it worth mentioning. It also raises the question about which of its competitors have all of them.

Within tender processes, compliance is often a check box. However companies should really check that certifications are not just valid but up to date. It is often worth requesting the latest reports from 27001 audits, as it can highlight areas that need improving. At worst it raises concerns about whether certifications are in danger of being lost. For Oracle the recent testing ensures that this is unlikely, but as compliance tightens it is always worth reviewing.

Erika Voss, Global Senior Director, Public Cloud Compliance, Risk and Privacy, Oracle commented: “Oracle is continuously investing time and resources to meet our customers’ strict requirements across highly regulated industries. These new certifications not only validate the reliability and security features of the Oracle Cloud; they effectively make Oracle’s solutions available to thousands of new customers in the Healthcare and Public Sector industries.”


Please enter your comment!
Please enter your name here