Maintenance, Monitoring, and Prevention

Security is an ongoing activity that requires maintenance, monitoring, and prevention.

Threats move at machine speed, but traditional enterprise security can only analyze and react at human speed. Your organization must be prepared for a variety of threats. Among the main issues to consider are:

  • Advanced persistent threats: Attackers target enterprise users with adaptive malware, ransomware, vulnerability exploits, and increasingly sophisticated email phishing campaigns.
  • Porous perimeter: The ubiquity of the cloud and mobile devices means that employees access enterprise applications and data beyond the traditional perimeter.
  • Unsanctioned IT: Users who are frustrated by IT's lack of flexibility and slow responsiveness, and bolstered by the simplicity of Software as a Service (SaaS) apps, create an unsanctioned IT culture.

Machine learning and artificial intelligence are changing how threats are managed compared with legacy security approaches, in terms of cost, complexity, and resources. As part of your cloud transformation, ensure that your organization applies a new level of sophistication to cybersecurity threat prediction, prevention, detection, and response.

Your security maintenance approach should include the following areas:

  • Implement security monitoring and analytics. Services such as Data Safe can help you actively monitor for risks and alert on them.

  • Monitor for and manage configuration drift.

  • Automate the installation of security updates and patches.

  • Use cloud security posture management (CSPM) tools to automate security. Capabilities include:

    • Threat detection and prevention.
    • Intrusion detection systems and intrusion prevention systems.
    • Next-generation machine learning models that process massive amounts of data and match discrete patterns and signatures to known threats.
    • Machine learning tools that analyze user activity, define baselines for typical usage, identify suspicious behavior, and draw probabilistic conclusions about the validity of a threat.
  • Use a security information and event management (SIEM) system to manage the security of your cloud resources.
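
The user-activity baselining described in the capabilities list above can be illustrated with a small per-user statistical model. This is an added example, not code from any product named on this page: it uses a mean/standard-deviation baseline with a normal tail probability as a simple stand-in for a machine learning model, and the function names, threshold, and sample data are assumptions constructed for illustration.

```python
import math
import statistics
from collections import defaultdict

# Constructed sample data: (user, MB downloaded per day) over a baseline window.
BASELINE_EVENTS = [
    ("alice", 120), ("alice", 135), ("alice", 110), ("alice", 128), ("alice", 117),
    ("bob", 900), ("bob", 1100), ("bob", 950), ("bob", 1020), ("bob", 980),
]

def build_baselines(events, min_samples=5):
    """Return {user: (mean, stdev)} for users with enough history."""
    per_user = defaultdict(list)
    for user, value in events:
        per_user[user].append(value)
    return {
        user: (statistics.mean(vals), statistics.stdev(vals))
        for user, vals in per_user.items()
        if len(vals) >= min_samples
    }

def score(baselines, user, value, floor=1.0):
    """Return (z, tail_probability), or None when the user has no baseline."""
    if user not in baselines:
        return None  # unknown user: handle with a separate "new entity" rule
    mean, stdev = baselines[user]
    z = (value - mean) / max(stdev, floor)  # floor avoids divide-by-zero on flat history
    # One-sided probability of a value at least this high under a normal model.
    p = 0.5 * math.erfc(z / math.sqrt(2))
    return z, p

def triage(baselines, observations, p_threshold=0.001):
    """Return observations that are improbable for that user or have no baseline."""
    alerts = []
    for user, value in observations:
        result = score(baselines, user, value)
        if result is None:
            alerts.append((user, value, "no-baseline"))
        elif result[1] < p_threshold:
            alerts.append((user, value, "anomalous"))
    return alerts

if __name__ == "__main__":
    baselines = build_baselines(BASELINE_EVENTS)
    # Constructed observations: the same 1000 MB is typical for bob, not for alice.
    today = [("alice", 125), ("alice", 1000), ("bob", 1000), ("carol", 50)]
    for alert in triage(baselines, today):
        print(alert)
```

The same 1000 MB download is flagged for one user and ignored for another, which is the point of a per-entity baseline over a single global threshold.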