Security and Availability

Recovery Service implements the following security best practices to safeguard backup data.

Tenancy Isolation

The Recovery Service infrastructure is located in an Oracle-managed tenancy, which prevents direct access and provides a logical air gap between the backups and the database in your tenancy. The backup automation process uses a private endpoint that provides an encrypted communication channel over which only RMAN backup data can be sent and received.

Backup Encryption

Recovery Service enforces backup encryption and rejects any unencrypted backup data. All backups, which include operational backups and long-term retention (LTR) backups, must be encrypted using Transparent Data Encryption (TDE). Backups remain encrypted throughout the backup life cycle, and the encryption keys are managed by the database service or the customer. Recovery Service does not have access to the encryption keys.

High-Availability

Recovery Service is built on Oracle Engineered Systems, which provide a fast, scalable, fault-tolerant infrastructure with enhanced security. The infrastructure is deployed so that backups are located at two physical locations in a region, which keeps backup and restore operations highly available.

OCI Identity and Access Management (IAM) Integration with Recovery Service

Identity and Access Management (IAM) enables granular role-based access control. You can configure OCI policies to allow only specific users to access Recovery Service resources.
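
One way to review policy statements for over-broad Recovery Service grants, as an added example that is not Oracle's code or part of the original page. The resource-type names come from the OCI policy reference rather than this page, and the group and compartment names in the sample are constructed.

```python
import re

# Recovery Service resource types per the OCI policy reference (assumption: not listed on this page).
RS_TYPES = {
    "recovery-service-family",
    "recovery-service-protected-database",
    "recovery-service-policy",
    "recovery-service-subnet",
}

# Allow <subject> to <verb> <resource-type> in <location> [where <conditions>]
STATEMENT = re.compile(
    r"^allow\s+(?P<subject>any-user|any-group|(?:group|dynamic-group|service)\s+\S+)"
    r"\s+to\s+(?P<verb>inspect|read|use|manage)\s+(?P<resource>\S+)"
    r"\s+in\s+(?P<location>tenancy|compartment\s+(?:id\s+)?\S+)"
    r"(?:\s+where\s+(?P<condition>.+))?$",
    re.IGNORECASE,
)

def audit(statement):
    """Return findings for one policy statement; an empty list means nothing to flag."""
    m = STATEMENT.match(statement.strip())
    if not m:
        return ["unparsed: review manually"]
    subject, verb = m["subject"].lower(), m["verb"].lower()
    resource, location = m["resource"].lower(), m["location"].lower()
    if resource not in RS_TYPES and resource != "all-resources":
        return []  # statement does not reach Recovery Service resources
    findings = []
    if subject in ("any-user", "any-group") and not m["condition"]:
        findings.append("subject is not a specific group")
    if resource == "all-resources":
        findings.append("all-resources also covers Recovery Service")
    if verb == "manage" and location == "tenancy":
        findings.append("manage granted tenancy-wide")
    return findings

# Constructed sample policy: group and compartment names are hypothetical.
SAMPLE_POLICY = [
    "Allow group BackupAdmins to manage recovery-service-family in compartment DbBackups",
    "Allow group DbOperators to read recovery-service-protected-database in compartment DbBackups",
    "Allow any-user to manage recovery-service-family in tenancy",
    "Allow group Developers to manage all-resources in tenancy",
    "Allow group NetAdmins to manage virtual-network-family in tenancy",
]

if __name__ == "__main__":
    for s in SAMPLE_POLICY:
        print(audit(s) or ["ok"], "<-", s)
```

Statements the pattern cannot parse, such as comma-separated group lists, are returned as "unparsed" so they get a manual review instead of passing silently.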

Observability and Management

Recovery Service is integrated with OCI Observability and Management, which allows Metrics Explorer to display historical backup metrics. You can configure alarms to help ensure that backups are meeting your service level agreements.