Alternative Archival Solution for Public Health Care Company

BC.

The customer Global Risk and Compliance (GRC) team has highlighted four security requirements for the archival solution proposed by the company. These requirements are:

1. All data less than 1 year old must be accessible within 2 hours.
2. All data must be retained for at least 10 years and be accessible within 48 hours.
3. All data must be encrypted at rest.
4. No data may be transmitted across the public internet.

Based on these requirements, let's evaluate each of the options provided and determine which ones meet the customer's GRC team's requirements.

Option A: Provision a FastConnect link to the closest OCI region and configure a private peering virtual circuit.

FastConnect is a dedicated private connection between on-premises infrastructure and OCI. By provisioning a FastConnect link, the company can create a private peering virtual circuit between its on-premises data center and OCI. This option meets the fourth requirement, which is that no data may be transmitted across the public internet. Additionally, a private peering virtual circuit provides a secure and reliable connection between the two environments. However, this option does not directly address the first and second requirements. Therefore, this option is not sufficient to meet all of the customer's GRC team's requirements.

Option B: Provision a FastConnect link to the closest OCI region and configure a public peering virtual circuit.

This option is similar to Option A, except that it uses a public peering virtual circuit instead of a private peering virtual circuit. Public peering provides access to OCI services without the need for a public IP address. However, since the requirement is that no data may be transmitted across the public internet, this option is not acceptable. Therefore, this option does not meet the customer's GRC team's requirements.

Option C: Create an OCI Object Storage Standard tier bucket. Configure a lifecycle policy to archive any object that is older than 365 days.

OCI Object Storage is a scalable and durable object storage service. This option creates an OCI Object Storage Standard tier bucket and configures a lifecycle policy to archive any object that is older than 365 days. This option meets the first requirement, which is that all data less than 1 year old must be accessible within 2 hours, as the data will be stored in the Standard tier bucket and immediately accessible. This option also meets the second requirement, which is that all data must be retained for at least 10 years and be accessible within 48 hours, as the data will be archived after 365 days but still retrievable within 48 hours. Additionally, OCI Object Storage provides encryption at rest by default, meeting the third requirement. Therefore, this option meets all of the customer's GRC team's requirements.

Option D: Create an OCI Object Storage Standard tier bucket. Configure a lifecycle policy to delete any object that is older than 7 years.

This option is similar to Option C, except that it deletes any object that is older than 7 years instead of archiving it. Since the requirement is that all data must be retained for at least 10 years, this option is not acceptable. Therefore, this option does not meet the customer's GRC team's requirements.

Option E: Create a VPN connection between your on-premises data center and OCI. Create a Virtual Cloud Network (VCN) along with an OCI Service Gateway for OCI Object Storage.

This option creates a VPN connection between the on-premises data center and OCI and creates a Virtual Cloud Network (VCN) along with an OCI Service Gateway for OCI Object Storage. This option meets the fourth requirement, which is that no data may be transmitted across the public internet. However, this option does not directly address the first and second requirements. Therefore, this option is not sufficient to meet all of the