The imperative for many organizations is to capture customers and provide a great experience both in products and service.Organizations will deploy more services in the cloud to make it easy for customers to adopt and pay as you go The risks are How do you manage the liability that comes with fraud and stolen credentials ?How do you protect your customers and provide the visibility for them to manage their security ?How do you create the confidence to assure customers their data is safeHow many of you changed your linked in passwords then changed all of the other website passwords that used the linked in password ?Organizations are also connecting with users on social media Because we want the real time response of customers and we want affluence to our brand ?How many followers do you have… how much do your followers trust you.Users today are afraid to trust their personal information to corporate websites to get offers ?How can you assure these users and provide an easy way for them to connect without incurring the risk ?It’s a bring your own device culture The next device on your network will have an OS version you cant predict and will execute applications your IT dept did not approve.How do you bridge the trust gap between the mobile world of random devices to provide secure digital access
The way we do business will change. The enterprise is embracing a new digital experience.58% or organizations are building mobile app store 62% of our customers will provide mobile apps by 2014 And the world will re-architect to embrace the cloud.
Organizations have to adapt The challenge we are facing is how to adapt and adapt quickly. Because unless we adapt we can’t unlock the opportunity. The way to adapt is to close the gap between the cloud mobile and social world. We have to be able to make the cloud transparent by applying our security controls from the enterprise to the cloud mobile and social world.While the technologies around virtualization, cloud automation and social media analytics have advanced our security is the next concern of adapting to the challenge. To adapt we need Trust – A way to trust the 3rd parties connecting on the cloud – understand Who’s Who and what should they have access to Speed – Detect issues and respond – but also accelerate the administration – WE HAVE TO BRIDGE THE SERVICE REQUEST GAPScale – Handle the massive volumes of devices and and accounts that require authentication and authorization – It has to be granular. 82% of large organizations report that they are "very concerned" or "concerned" about data leakage as related to the social web. (Forrester, 2010)Securing access is the top priority.The fact that 76% of mobile applications store passwords in plain text on the device should be of concern. – Securing access is a top priority for mobile applications social networking and cloud environments. * The proliferation of accounts and passwords alone is a significant concern in these environments that introduces risk – The breaches we are afraid of will happen when someone takes advantage of a rouge account in these environments.When employees create accounts on social media and cloud computing services we have to track these accounts and be able to manage the access control with the same level of responsiveness and service level commitment of the enterprise resources Managing the Consumer Lifecycle and Interaction.Every industry from consumer finance to pharmaceuticals is utilizing social media and mobile access as a means to interact with the consumer. We now have to manage the access lifecycle of those consumers on our website and recognize the level of relationship . Some consumers want to sign on with their facebook account or linked in account. We have to provide this to simplify the interaction. 50% of Fortune 100 companies hire through LinkedIn. (Econsultancy 2010)85% of financial services professionals under 50 are utilizing social media. (Ledermark, 2010)Restore control and prove compliance Providing the forensics and audit-ability need in a tough regulatory climate.
Oracle is uniquely positioned to be the premier vendor when it comes to directory services. As a result of Oracle and Sun combining forces we are uniquely positoned as not only the strongest and most complete identity management vendors but as the Only Vendor who can offer a directory server, directory integration platform and virtual directory in one license. This is critical to companies that want to world class performance, a complete tool set and want to reduce cost by managing one vendor rather than sourcing and negotiating with different providers. Let’s take a look at why this complete toolset is critical in today’s business environement.
Oracle Access Manager for Mobile and Social OverviewConnects mobile users to identity services using REST interfacesOrganizations can bridge the security gap between the enterprise and mobile devices. With RESTful identity services, rich mobile applications can access stateless identity functions from mobile devices which are limited by processing capacity and battery power. Delivers SSO for native mobile applications Traditional mobile security solutions like VPN tunnels are limited in that they cannot overcome the problem of SSO for native mobile apps. OAM-M&S simplifies SSO across rich mobile apps and browser applications. This reduces the number of logins required for enterprise applications from the native mobile screen. Enables sign on from 3rd party and Social identities to Enterprise resourcesWith the proliferation of social networking sites, there is a need for relying parties to consume identities from internet identity providers like Facebook, Twitter, LinkedIn, Google and Yahoo. Many of these providers support user centric federation standards like OpenID and Oauth. OAM-M&S enables organizations to accept internet identities for signing on users to low value applications like blogs, communities, etc. This in turn can provide a seamless user experience for users without the burden of additional logins.Supports industry standards (OpenID, OAuth)Oracle IDM supports OpenID and Oauth. So with Oracle Identity Management we are making it easier for relying parties to accept identities from internet identity providers like Facebook, Twitter, LinkedIn, Google and Yahoo.
Native browser to web server to data/appNative app with embedded browser to web server to data/app3) Native app using native protocol direct to data/app
Risk analysis to determine whether to allow, flag, challenge or blockEnforce unjailbroken status, check VPN statusDetailed reporting on device attributes like OS version, GPS/WIFI geolocation, MAC/IP address
Mobile or Web basedCan plug in to existing OAM deployments