Oracle has announced enhancements to its security cloud offering with the introduction of new Adaptive Access Capabilities. They also revealed that the Oracle Cloud Access Security Broker (CASB) cloud service has added more integrations with third party software providers.
Oracle maybe not so insular as you thought
One of the criticisms levelled at Oracle is that while they promote their complete stack for business the language often ignores the existence of other options. This announcement goes against that trend and should be welcomed in that it accepts that customers have a choice of which systems they purchase.
The Oracle CASB has added support for several new vendors with Slack being the most recent addition. The list of vendors supported now includes: Salesforce.com, Microsoft Office365, Box, Google G-Suite, ServiceNow, AWS, GitHub, and Rackspace. Many of these are competitors of Oracle. The Slack integration supports the push event model. Slack pushes data to Oracle CASB rather than waiting for a poll. That Oracle calls this out is interesting as it may mean that further integrations with other cloud applications are likely.
The Oracle CASB cloud service has also added support for the Symantec/Bluecoat secure web gateway. This allows activity data to flow into the Oracle machine learning-based activity risk model. This latest addition adds to Check Point, Palo Alto Networks, Fortinet and Sophos ensuring that data collected covers most of the major suppliers.
The main differentiator of the Oracle CASB is that it provides the only security monitoring and threat detection solution for Oracle’s own SaaS applications. For companies looking to deploy Oracle HCM, ERP, and Customer Experience (CX) SaaS applications it is the only solution currently available. Whether Oracle will open up their ecosystem for other vendors it remains to be seen. It has inferred that there might be a second!
Adding dynamic access controls
With the ongoing daily threats to IT systems Oracle continues to invest in improving its tools. The latest innovation is the addition of adaptive access capabilities in the Oracle Identity Cloud Service. The enhancement appears to modify access control depending upon the level of risk determined by the solution. What variables the risk engine considers is not detailed but with Oracle serving multinational corporations one would expect it to include location. While hackers may obfuscate their point of origin end users will need access from a variety of locations. The engine will need to decipher which locations are permitted and what usage patterns are expected in each of those. Companies looking to procure the solution should validate that it covers most of their workers likely scenarios without blocking their business leaders from accessing systems from abroad.
Importantly this measures usage by each separate cloud service, including external ones such as Microsoft Office, Box, etc. If an anomaly in user access is identified the system will orchestrate an incident response. That response includes the raising of incident tickets through integration with third party applications. What isn’t clear is whether the level of access control increases. For example if anomalous activity is spotted then multi factor authentication is initiated.
Peter Barker, senior vice president, Identity and Security at Oracle commented: “We are making a large investment in providing comprehensive security solutions that can help enterprises adapt, manage and strengthen their security posture against external and internal risks. Our expertise in data science and machine learning enable Oracle to bring unique, scalable and dependable security services to customers transitioning workloads to the Oracle Cloud or third party clouds.”
What’s it mean
Oracle is starting to integrate its artificial intelligence and machine learning capabilities into its security portfolio. There is still room for improvement. However, their approach seems sensible. Implementing too much, too quickly can often lead to a negative reaction by employees of customers who find too much security a barrier. The trick is to introduce new capabilities without impacting the usability of the solution. As Oracle gets feedback from customers using the Oracle CASB and identity service one can expect further enhancements.
These are part of the a wider security portfolio that Oracle delivers. The Oracle’s Identity SOC portfolio includes Oracle CASB , Identity, Security and Monitoring Analytics ,Configuration as well as Compliance Cloud Services. Services are critical to the Oracle cloud strategy. They need to remain open as Oracle cannot expect that all their customers will only use their software although it would obviously like them too. Whether they open up their cloud platform for alternate offerings will be interesting.