Oracle, which already owns one of the deepest security software stacks in the high-tech sector, said it plans to make additional investments in its security applications to counter the cleverness of emerging hackers.
Oracle President Chuck Phillips made the announcement here yesterday as a precursor to a drill-down into the company's security infrastructure applications.
"The bad guys have gotten smart," Phillips claimed, noting that Web defacement as a popular form of hacking has been replaced by identity fraud and other new-fangled attacks.
Phillips said Oracle and the industry is looking to combat this by moving from siloed, point solutions that quash specific threats to more integrated product portfolios that blanket networks with protection.
Once known only for its database offerings, Oracle has bulked up its other middleware and applications portfolios in recent years.
The event underscored how the company had morphed into a leader in security infrastructure, offering access control, data privacy and compliance software to run the gamut of securing a business from external and internal attacks.
Oracle's access control software includes a single sign-on technologies for Web, desktop and cross-domain usage; Web services security; identity management for user provisioning and directory services for housing ID information.
For data privacy, Oracle offers software that protects database admins from browsing, Phillips said, financial results before the CEO and CFO see it.
This bucket also includes encryption of data from a Web browser to the database and physical device encryption in the case of lost or stolen disks.
Finally, Oracle has boosted its compliance portfolio in the last year, a content and record database for accessing and managing e-mail and other documents and "audit vault" for watching over who is accessing what.
Oracle executives demonstrated certain aspects of each security bucket, including how to provision user access from a PeopleSoft human resources application so that a database administrator only taps into certain applications.
On the whole, Oracle's portfolio for security infrastructure software covers more bases than suites from vendors such as Microsoft (Quote, Chart), IBM (Quote, Chart) or Sun Microsystems (Quote, Chart).
But Thomas Kurian, senior vice president of server technology at Oracle, sees several ways the company can fortify its current products.
These will include Oracle's usual practice of building new software and features in-house, as well as acquiring smaller specialty vendors to meet the needs Oracle's customers require, Kurian told internetnews.com after the event.
Kurian said that Oracle is developing a new "micro-entitlements" feature that will allow people to get authorization privileges on a much more fine-grained basis. This privileges last for a very short duration to keep security tight.
"That's the big requirement right now for a number of telecommunications companies that have self-service, external-access systems," Kurian said.
Role management is another area Oracle hopes to beef up. Kurian said some large companies define identities as belonging to certain roles, and that Oracle is working on software to help corral the lifecycle of role management.
"You'll see us filling out these areas as new customer problems are emerging," Kurian said.
Finally, as part of its ongoing Fusion architecture strategy for integrating its middleware and applications portfolios, Kurian said Oracle's future applications packages will come with audit, compliance, forensics and access control functionality out of the box.
Oracle will also look to provide automated change management and software patching tools to help customers' computer systems proactively address security issues.
The event comes a week after Oracle surprised securities analysts with better-than-expected first-quarter earnings, prompting analysts to claim that the software maker's aggressive acquisition strategy is paying off.
Oracle's sales and earnings were up nearly 30 percent from the year-ago quarter. Pro forma earnings of 18 cents a share were two cents ahead of estimates, while sales of $3.59 billion topped $3.47 billion forecasts.
Article courtesy of internetnews.com