skip to main content

Ovum view


Presenters at Oracle's recent MBX event in London made excellent points about an important difference between platform requirements during the iterative phases of innovation work, and those for the stage at which an idea is taken to market. With the EU General Data Protection Regulation (GDPR) a prominent current consideration, the possibility of shifts in the market for different cloud models was also a thought-provoking takeaway from the event.

The choice of cloud platform type could affect compliance costs

While the cloud infrastructure used to support earlier stages of the innovation process may be justifiably kept "lightweight", all online offerings must be "enterprise-strength" when exposed to a production environment, even if some are only intended to test customer reaction and gauge market engagement. Security problems arising from advanced threats or unauthorized access are risks to any service, no matter how innovative and exciting it may be. There is therefore a growing opportunity for cloud platforms that can support this transition by plugging in support for a full range of enterprise requirements, with the capacity and flexibility to scale to support successful offerings.

Governance, security, performance, and other capabilities essential for going to market in a mature way are underpinning the substantial growth of Oracle's Autonomous Database Cloud offerings, which also manage to be innovation-friendly via support for application foundations such as Kubernetes and Docker. Oracle is targeting the platform-as-a-service (PaaS) and software-as-a-service (SaaS) markets, where it can highlight added value such as addressing customers' data-related compliance needs (already particularly important due to GDPR), with existing license-holders offered incentives to migrate to PaaS/SaaS usage. Existing customers in the infrastructure-as-a-service (IaaS) market will have the burden of specific GDPR compliance issues (for example, establishing risk-based data protection that would not be packaged with IaaS) to take care of, and could find that such overheads erode the cost savings they perceived from their choice of service type.

The Oracle Autonomous Database Cloud Platform offerings (all based on PaaS) also address more general compliance needs, such as visibility into the protection mechanisms and security-related decisions and actions taken, which organizations may well need to reference for GDPR compliance. In addition, they offer the opportunity for both standardization and efficiencies via automation of a broad scope of IT operations activities, including automatic encryption of all data, preventing hackers reading information via the database or network, and application of security updates automatically without delay or downtime, thereby keeping database protection up to date more effectively and combatting external attacks as well as malicious internal users.


Further reading

2018 Trends to Watch: Cloud Computing, IT0022-001070 (October 2017)

EU's General Data Protection Regulation (GDPR) to Have Greater Impacts on Enterprises, IT0018-001525 (April 2017)


Alan Rodger, Senior Analyst, Infrastructure Solutions

[email protected]