Skip to Main Content

Exadata Office Hours

Free tips and training every month! Subscribe for reminders and more from Office Hours. FAQ
Dev Live Dev Intro

We are celebrating Developers at AskTOM. We welcome Developers of all levels of experience to join us at our FREE Developer Live events coming in August and September. Just click on the left to register today! If you are brand new to Database Technology, then we also have got you covered. Just click on the right for your comprehensive FREE training program to kick start your Oracle Database Development journey!

Header container

June 11

17:30 UTC   Start Times Around the World

Description

Exadata Cloud at Customer Security with Jeff Wright
Join Gavin and Cris for a chat with Exadata Cloud at Customer Security expert Jeff Wright. Jeff will discuss the security features and controls required by the most security-conscious organizations, and his work with Development to meet these stringent requirements on Exadata Cloud at Customer. Bring your questions to this interactive session. You may also want to review the white paper linked under Session Resources below.

Highlights

00:12 Start & Introductions
02:34 Jeff defines security in general
03:15 IT security
03:39 Financial services customers
03:50 IT security, ctd.
04:00 Secure system, defined
04:19 Secure systems and humans
05:00 Q1: Can Oracle access customer data?
05:25 End-to-end Data Protection picture
05:44 What are the controls — is a more useful question
07:40 — What if Oracle staff accesses the customer VM?
08:23 You should not (need to) trust a(ny) person
09:01 Service Architecture
10:18 Next level - network access blocking
11:14 Q2: Access for configuration v. normal operation?
11:52 Secure run time mode
13:30 Data in and out of the VM is encrypted
14:05 Defense in Depth - what Oracle manages
15:50 — Summary of Defense in Depth
16:32 Q3: How much is “out of the box” and how much do I need to configure for Defense in Depth?
19:02 Q4: How does the security model interact with automation for patching, etc.?
21:06 Challenges of meeting the requirements for high security enterprises
22:43 Examples of how we (Oracle) think and learn from customers
23:47 For IT security, people are risk
25:03 Customer’s requirements drive Oracle’s security architecture
25:58 Importance of controls to high security/regulated enterprises
28:52 Oracle access control state of the art summary
30:48 Q5: Multiple authentication methods?
36:58 Doors, locks, and cameras
38:16 Q6: Single Sign-on?
39:39 Security / penetration testing against cloud is considered hostile
40:58 Cris & Gavin recap
42:35 Jeff’s final remarks

Subscribe to give us feedback and be notified of upcoming sessions!

Your Experts

Cris Pedregal
Cris Pedregal, Senior Technologist
Cris Pedregal joined Oracle as a senior developer in 2005, working on the design and development of high availability functionality, compression, and the initial cloud deployments of the Oracle Database. He moved to product management where he launched product features and evangelized Oracle technologies. He also managed company-wide technical relationships with key external partners, including a major cloud computing company and CERN. Before Oracle Cris was on the Computer Science faculty at the University of New Mexico, Albuquerque. He earned his PhD in Computer Science at the University of Massachusetts, Amherst, and his undergraduate CS degree at Eslai, Argentina. He speaks one language with 2.5 accents.
Gavin Parish
Gavin Parish, Senior Principal Product Manager    
Gavin is a product manager in Oracle’s Exadata team, with a focus on Exadata’s software and hardware roadmap. Prior to the Exadata team, Gavin was a founding member of the team responsible for launching the industry’s first on-premises public cloud technology - Oracle Cloud at Customer. In his 15 years in Oracle Product Management, Presales and Consulting roles, Gavin has developed a robust understanding of all things Oracle, helping customers architect and implement a variety of infrastructure and application technologies.
Jeffrey Wright
Jeffrey Wright, Product Manager
I work in Exadata Cloud Product Management where I spend my days working the whole solution of Exadata Cloud Service/Machine and the products, services, code, and customers that surround it. While Exadata Database Machine is a well-proven and mature technology, we are once again Crossing the Chasm with Exadata Cloud, and I am here to help guide you with the why and how to make this happen. Places I like to play include Security, especially related to Exadata Cloud Service and Exadata Cloud at Customer Cloud Networking Cloud Automation and system performance I don't invent much, but I fancy myself a decent story teller and explainer of technology. I am happy to talk with customers, sales teams, developers, testers, and product managers about how to best use what we have, and build what the market wants. Give me a call or send me an email if you want to talk tactics, strategy, science, cycling, or skiing.