Security and Availability
Recovery Service implements the following security best practices to safeguard backup data.
Tenancy Isolation
The Recovery Service infrastructure is located in an Oracle-managed tenancy, which prevents direct access and provides a logical air gap between the backups and the database in your tenancy. The backup automation process uses a private endpoint that provides an encrypted communication channel over which only RMAN backup data can be sent and received.
Backup Encryption
Recovery Service enforces backup encryption. Any unencrypted backup data will be rejected by the service. All backups, which include operational backups and long-term retention (LTR) backups, must be encrypted using Transparent Data Encryption (TDE). Backups remain encrypted throughout the backup life cycle and the encryption keys are managed by the database service or the customer. Recovery Service does not have access to the encryption keys.
High Availability
Recovery Service is built on Oracle Engineered Systems, which provide a fast, scalable, fault-tolerant infrastructure with enhanced security. The infrastructure is deployed so that backups are stored at two physical locations within a region, which keeps backup and restore operations highly available.
OCI Identity and Access Management (IAM) Integration with Recovery Service
Identity and Access Management (IAM) enables granular role-based access control. You can configure OCI policies to only allow specific users to access Recovery Service resources.
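As an added illustration of the least-privilege policies this section refers to (constructed for this page, not taken from the Oracle documentation), the statements below grant three groups different levels of access. The group and compartment names are placeholders, and the Recovery Service resource-type names (recovery-service-family, recovery-service-protected-database, recovery-service-policy, recovery-service-subnet) are assumed from the OCI IAM policy reference, so verify them there before use; lines starting with # are explanatory notes, not policy syntax.

```text
# Constructed example; placeholder names in angle brackets, resource types assumed.

# Broad grant: the group can create, change and delete every Recovery Service
# resource (protection policies, subnets, protected databases) in the compartment.
Allow group <db-admins-group> to manage recovery-service-family in compartment <db-compartment>

# Narrower grant: operators can register databases for protection but cannot
# alter retention (protection policy) or network (Recovery Service subnet) settings.
# If registering a database turns out to need "use" rather than "read" on the
# policy and subnet, widen only those two statements.
Allow group <db-operators-group> to manage recovery-service-protected-database in compartment <db-compartment>
Allow group <db-operators-group> to read recovery-service-policy in compartment <db-compartment>
Allow group <db-operators-group> to read recovery-service-subnet in compartment <db-compartment>

# Read-only grant: auditors can list and inspect backup resources but change nothing.
Allow group <auditors-group> to read recovery-service-family in compartment <db-compartment>
```

Scoping each statement to a compartment rather than the tenancy keeps the blast radius of a compromised group membership to that compartment's backups.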
Observability and Management
Recovery Service is integrated with OCI Observability and Management which allows Metrics Explorer to display historical backup metrics. You can configure alarms to help ensure that the backups are meeting your service level agreements.