Oracle collaborates with Applied Invention and other industry leaders to create an open standard for network and data security across on-premises and distributed cloud environments.
Oracle announced it is participating in an industry-wide initiative to design a new open standard for network and data security that will help organizations better protect their data in distributed IT environments. Under this new initiative, Oracle will collaborate with Applied Invention, other major technology providers, and other leading organizations from across industries, including Nomura Research Institute, Ltd. (NRI), a global provider of consulting services and system solutions. This new standard will enable networks to collectively enforce shared security policies, enhancing the security architecture organizations already use without changing existing applications and networks. To support this new initiative, Oracle plans to release the Oracle Zero-Trust Packet Routing Platform based on the new standard that will help organizations prevent unauthorized access or use of their data without adding extra hurdles for legitimate activities.
“Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally new approach to protect our data in the increasingly complex cloud era. Organizations need a way to describe their data security policies in one place where they be can easily understood and audited, and they need a way to ensure those policies are enforced across their entire computing infrastructure, including their clouds,” said Mahesh Thiagarajan, executive vice president, Security and Developer Platforms, Oracle Cloud Infrastructure. “To meet this need, Oracle is working with Applied Invention and other technology leaders to launch an effort to create an open, Zero-Trust Packet Routing (ZPR) standard. This will be developed and governed by an industry consortium with Oracle’s participation. We invite collaboration from across the entire technology industry because broad adoption and interoperability will create stronger and more consistent data protection for everyone.”
As cloud uptake increases and IT environments become more complex with distributed cloud deployments, it is increasingly difficult for organizations to protect their data using existing practices and tools. For example, most current systems require security teams to coordinate siloed solutions across database, network, application, and identity security, adding even more complexity when extrapolated across a number of different environments. It can be difficult to make sure those solutions are working together as the applications, environments, and users are constantly and independently changing. Today’s security systems also require extensive configuration to differentiate types of individuals such as full-time employees and contractors, in a way that is not overly permissive or constraining.
Oracle and Applied Invention are helping create and promote a new network and data-centric security standard that will address these challenges. It will enable organizations to protect their data throughout its entire lifecycle without changing the underlying architecture that includes their distributed cloud environments. To achieve this, the standard will use an intent-based security policy that humans can read, audit, and understand. This intent will be enforced at the network layer, with all traffic containing authenticated attributes about the sender, receiver, and type of data in motion. The network uses these attributes to constrain where that data can move. Technology providers and users that implement or interoperate with the standard will be able to use the devices of their network to help track and block threats to their data wherever it is stored, creating a unified layer of security. As a result, it will be more difficult to exploit many common security vulnerabilities created by coordinating and configuring large numbers of devices and security mechanisms. For example, if an authorized user of an application attempts to export data to another environment where it is at risk for misuse, the policy could detect the violation of security intent, block data movement, and create an alert on the incident.
This new standard is built on technology created by Danny Hillis and the team at Applied Invention. “ZPR is how the Internet would have been designed from the start if modern security technologies had been available. I believe it is going to make everyone’s data more secure,” said Danny Hillis, co-founder, Applied Invention. “This initiative is an opportunity to make a generational improvement in cybersecurity for the entire world. We are looking forward to collaborating with Oracle and other industry leaders to realize its potential.”
“When designing a secure cybersecurity system, the more checkpoints and restrictions the organization puts in place, the safer the data stored in that system will be. The tradeoff is that those restrictions can cause major inefficiencies as they often create time-consuming obstacles for users with a legitimate need to access and manipulate data,” said Dave McCarthy, research vice president, cloud and edge infrastructure services, IDC. “The new standard Oracle is helping develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will help users get the access they need while ensuring the data remains secure behind the scenes.”