• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Con 8810 who should have access to what - final
 

Con 8810 who should have access to what - final

on

  • 379 views

Neil Gandhi's OpenWorld 2013 Presentation

Neil Gandhi's OpenWorld 2013 Presentation

Statistics

Views

Total Views
379
Views on SlideShare
379
Embed Views
0

Actions

Likes
0
Downloads
19
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Notes:Extract Entitlements
  • With Fusion Middleware, you can extend and maximize your existing technology investment with the same technologies used in Fusion Applications, including embedded analytics and social collaboration, and mobile and cloud computing. Oracle’s complete SOA platform lets your IT organization rapidly design, assemble, deploy, and manage adaptable business applications and—with Oracle’s business process management tools—even bring the task of modeling business processes directly to the business analysts. Oracle Business Intelligence foundation brings together all your enterprise data sources in a single, easy-to-use solution, delivering consistent insights whether it’s through ad hoc queries and analysis, interactive dashboards, scorecards, OLAP, or reporting. And, your existing enterprise applications can leverage the rich social networking capabilities and content sharing that users have come to expect in consumer software. Oracle Fusion Middleware is based on 100 percent open standards, so you aren’t locked into one deployment model when your business requirements change.

Con 8810 who should have access to what - final Con 8810 who should have access to what - final Presentation Transcript

  • 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • CON 8810 Who Should Have Access to What – Better Risk Management with Identity Governance Neil Gandhi Product Manager Oracle Identity Governance 2 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 3 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Session Goals  Understand the current market trends regarding Access Compliance and Risk Management  Realize the benefits of an Identity Governance platform and how it can help meet your everyday Compliance and Risk Management challenges  Hear from and engage with customers regarding their experiences with managing Risk by implementing an Identity Governance solution 4 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Program Agenda  Market Trends  Risk Management & Compliance with Oracle Identity Governance  Panel Discussion  Q&A 5 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Market Trends 6 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Explosion of Scale • Few Administrators • Handful of Audit Staff • Too many privileged accounts 7 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Getting the right access is hard 8 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Market Trends Compliance Requires Business User Participation  Increasing volume and frequency of employee access certifications  Business Users do not understand what they are attesting to  IT and Compliance teams struggle with “Who should have access to what” 9 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Enterprise Certification Requirements Who’s who & what can they do? Extract Entitlement s Ad Hoc 10 Review Entitlement s Complex Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Correlate Results Remediate Access Un-auditable Non-verifiable
  • Market Trends Scale requirements are increasing Corp PCs 400M Enterprise Facebook 800M Social China 1.3B Citizen Cell Phones 5B + Mobile Moving from employee to massive scale for even small companies. 11 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Risk Management & Compliance with Oracle Identity Governance 12 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Oracle Identity Governance Governance Platform Connectors Provision De-Provision Grant User Access Monitor User Access Privileged Account Request Access Request Role Lifecycle Management Roles Check-in/ Checkout Identity Certifications Access Catalog IT Audit Monitoring Rogue Detection & Reconciliation Ownership, Risk & Audit Objectives Entitlements Accounts Glossaries 13 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Reporting & Privileged Access Monitoring Catalog Management
  • Oracle Identity Governance Access Catalog Harvesting Catalog Definition Catalog Enrichment 14 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Oracle Identity Manager Provisioning with Preventative SOD Controls 15 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • A Smarter Approach to Identity Compliance Reduce Cost, Time & Risk $ Identity Warehouse Aggregating Information & Building a Catalog 16 Prioritizing & Automating Certification Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Closed-Loop Feedback & Remediation Simplified User Experience & Reporting
  • Automate Identity Based Controls 1 Set Up Periodic Review 2 Reviewer Is Notified Goes to Self Service 3 Automated Action is taken based on Periodic Review 4 Report Built And Results Stored in DB Reviewer Selections What Is Reviewed? Certify Reject Who Reviews It? Decline Email Result to User Automatically Terminate User via Closed Loop Remediation Notify the Process Owner Archive Delegate Start When? How Often? 17 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Notify Delegated Reviewer Attested Data Attestation Actions Delegation Paths Comments
  • Oracle Identity Manager 11g R2 Provisioning Context with Identity Auditor 18 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Focusing on What (Who) Matters Most High Risk  Leverage data collected to streamline access certification  Prioritize certifications based on user risk profiles  Aggregate risk profile over the ENTIRE lifecycle 19 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Risk Based Certification Identity Warehouse Applications Risk Factors Identity Data Sources DB Roles Certification History Entitlements Mainframe Provisioning Events Resources Risk Aggregation Low Risk User Bulk Certify High Risk User Cert360 Approve Reject Focused Sign-off 20 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Policy Violations
  • Automate The Remediation Entitlement Report Entitlement Review AutoRemediate 21 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. • Focus Loop Remediation Close on Large Scale • Quick Extract Desk Volume Reduce Help Transform Load • Rolling Certifications Complete Audit Trail • Rolling Data Import Increase Throughput • Large Volume Remediation
  • Customer Panel Discussion 22 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Customer Panel Patrick Landry 23 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. David Mathias Robert House
  • Demo Pods Moscone South Oracle Identity Governance Suite: Managing Privileged Accounts from Your Identity Platform 24 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Moscone South Oracle Identity Governance Suite: Complete Identity Lifecycle Management Moscone South Identity Management Monitoring with Oracle Enterprise Manager
  • Sessions Not to Miss Tuesday 10:30 am – 11:30am • CON8811: Converged Identity Governance for Speeding up Business and Reducing Cost Moscone West, Room 2018 • Justifying and Planning a Successful Identity Management Upgrade Moscone West, Room 2018 Wednesday 1.15 pm – 2.15 pm 25 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Join the Oracle Community Twitter twitter.com/OracleIDM Facebook facebook.com/OracleIDM Oracle Blogs Blogs.oracle.com/OracleIDM Oracle.com/Identity 26 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Innovation Awards 18 Winners Across Eight Categories Lam Research Theater (Next to Moscone North) Session ID: CON8082 Session Title: Oracle Fusion Middleware: Meet This Year’s Most Impressive Innovators Venue / Room: YBCA - Lam Research Theater Date and Time: Monday Sep 23, 4:45 - 5:45 p.m. 27 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • Oracle Fusion Middleware Business Innovation Platform for the Enterprise and Cloud  Complete and Integrated Web Social Mobile  Best-in-class User Engagement Business Process Management  Open standards Content Management Service Integration Business Intelligence Data Integration Identity Management Development Tools 28 Cloud Application Foundation Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Enterprise Management  On-premise and Cloud  Foundation for Oracle Fusion Applications and Oracle Cloud
  • 29 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
  • 30 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.