SlideShare a Scribd company logo

Keynote oracle entitlement-driven idm

Normand Sauve
Normand Sauve
TechnologyBusiness
1 of 21
Download to read offline
1 Copyright © 2011, Oracle. Proprietary and Confidential
<Insert Picture Here> The Imperative for Entitlement-Driven Identity Management Normand Sauvé Security Sales Manager Carl Potvin Principal Sales Consultant
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 3 Copyright © 2011, Oracle. Proprietary and Confidential
The Situation •  Security breaches are proliferating •  Compliance costs are increasing –  40% of IT budget spent on compliance •  Tougher regulatory environment 4 Copyright © 2011, Oracle. Proprietary and Confidential
The Trend is Set to Continue The Root Cause Of All Breaches Is Poor Access Control Total # of records compromised 361 M by breaches 4M •  Social Engineering Attacks Hacking for Fame (11% of all breaches) < 1M •  Hacking (up 10% from 2010) •  Privilege Abuse Hacking for Fun Source: Verizon Data Breach Report 2011 (17% of all breaches) 2004 2009 2011 1990 1995 2000 2005 2008 5 Copyright © 2011, Oracle. Proprietary and Confidential
Current Approach is Fragmented Hurts Transparency & Business Agility •  Disconnected Security Policy •  Poor Correlation for Forensics •  Fragmented View of User •  Costly Integration Fragmentation causes Latency •  Removing separated users •  Detecting user job role change •  Restricting data access quickly Source: The Value of Corporate Secrets by Forrester Consulting (March 2010) 6 Copyright © 2011, Oracle. Proprietary and Confidential
Today We Are Reactive Harden Perimeter Social Engineering Attacks Secure End-Point Attacks on Servers Invest in Monitoring Privileged Account Abuse We react... But criminals get wiser Most traditional security solutions get breached eventually 7 Copyright © 2011, Oracle. Proprietary and Confidential
We Need to Change Our Thinking Security should be proactive just like the body’s immune system prevents diseases 8 Copyright © 2011, Oracle. Proprietary and Confidential
Identity Management Has to Evolve •  Less Fragmentation Analytics •  Better Visibility •  Increased ROI Context Control Risk Management Audit Administration Authentication Identity Tools Point Solutions Platform Intelligence 9 Copyright © 2011, Oracle. Proprietary and Confidential
Analytics – Actionable Intelligence Report Certify Acquire Correlate Remediate Convert Preventive Detective •  Automated certification review •  Analysis of who did what •  Intelligent risk scoring •  Correlation of activities •  Workflow based remediation •  Anomaly detection 10 Copyright © 2011, Oracle. Proprietary and Confidential
Context – Trust but Verify Step up Step up Authorization Authorization Alert Rules Patterns Behavior Access: Authentication Transactional: Authorization •  Location and device aware •  Based on historical behavior •  Pattern detection •  Policy based •  Predictive analysis •  Knowledge based step up Authorized 11 Copyright © 2011, Oracle. Proprietary and Confidential
Control – Continuous and Efficient Onboard Mine & Define Declarative Security Change Offboard Change Test & Access Deploy Externalized Policy User Lifecycle Role Lifecycle Scalable enforcement Administration Entitlements •  Role based on boarding/change •  Separation of duties •  Central view of user access •  Central policy enforcement •  Immediate de-provisioning •  Dynamic RBAC 12 Copyright © 2011, Oracle. Proprietary and Confidential
An Entitlement-Driven Approach to Identity Administer Synchronize Access Identities Administration Access Design Build Controls Controls Entitlement Driven Monitor Analytics Controls Intelligence Authority Automate Certify Reporting Controls 13 Copyright © 2011, Oracle. Proprietary and Confidential
An Entitlement-Driven Platform Changes Everything Before After An Entitlement-Driven Platform facilitates identity management based on intelligence and context 14 Copyright © 2011, Oracle. Proprietary and Confidential
The Platform Achieves Harmony Security •  Simplified support Governor •  Consistent and synchronized •  Single source of security policy Access Enterprise Manager •  Integrated with Fusion Middleware SSO •  Integrated with Fusion Apps Adaptive Directory Access Services Manager Entitlements Enterprise Server Gateway Identity Identity Manager Analytics 15 Copyright © 2011, Oracle. Proprietary and Confidential
The Platform Makes All the Difference Benefits Oracle IAM Suite Advantage Increased End-User Productivity •  Emergency Access •  11% faster •  End-user Self Service •  30% faster Reduced Risk •  Suspend/revoke/de-provision end user access •  46% faster •  Bullet Enhanced Agility •  Integrate a new app faster with the IAM infrastructure •  64% faster •  Integrate a new end user role •  73% faster faster into the solution Enhanced Security •  Reduces unauthorized access •  14% fewer and Compliance •  Reduces audit deficiencies •  35% fewer Reduced Total Cost •  Reduces total cost of IAM •  48% lower initiatives Source: Aberdeen Group, June 2011 16 Copyright © 2011, Oracle. Proprietary and Confidential
Case Study – Schneider National BUSINESS CHALLENGE ORACLE SOLUTION •  20,000 users scaling up to 65,000 on three •  Replace Tivoli Identity Manager with OIM for continents in a high availability configuration. password reset •  Systems include OTM (Oracle Transportation •  OAM for centralized Authn, Authz and SSO for Manager), many eBS modules, Siebel, AD, 100’s of apps Exchange, and several OID’s managing different •  ORM for corporate RBAC project user stores •  Real time integration of Siebel and eBS identities •  Decided to overhaul entire IT infrastructure, with OIM move away from legacy home grown and •  Provided virtualized single user store from packaged applications to support their business disparate populations with OVD •  Provide customers self-service access to their own accounts •  Enforce least- privilege access through automated provisioning for add, changes, and •  Ongoing M&A and divesture activities disables (ORM / OIM) RESULTS •  Reduce the number of calls to the helpdesk for password reset •  Reduce the number of days to on-board users from 5 days to less than 24 hours •  Standardize the family of companies on an Identity Management platform reducing costs across the enterprise •  Reduce the complexity of the RBAC used to provide access to users 17 Copyright © 2011, Oracle. Proprietary and Confidential 17
One Company, One Solution, One Stack  Proven vendor •  Acquire and retain best of breed technology and talent •  Battle-tested for large, mission-critical applications •  Referenceable, award-winning customer deployments  Most complete and integrated best-of- breed portfolio •  Service-Oriented Security •  Interoperable components  Future proof investment •  Standards-based and hot pluggable for easy integration •  Established deployment best practices •  Large implementation ecosystem 18 Copyright © 2011, Oracle. Proprietary and Confidential
Q&A 19 | © 2011 Oracle Corporation – Proprietary and Confidential
20 | © 2011 Oracle Corporation – Proprietary and Confidential
21 | © 2011 Oracle Corporation – Proprietary and Confidential

Recommended

Secure Enterprise Cloud
Secure Enterprise CloudSecure Enterprise Cloud
Secure Enterprise CloudIndu Kodukula
 
SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011Satish Hemachandran
 
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationIBM Danmark
 
Security Intelligence
Security IntelligenceSecurity Intelligence
Security IntelligenceIBMGovernmentCA
 
SLAS Informatics SIG: SLAS2013 Presentation
SLAS Informatics SIG: SLAS2013 PresentationSLAS Informatics SIG: SLAS2013 Presentation
SLAS Informatics SIG: SLAS2013 PresentationSLAS (Society for Laboratory Automation and Screening)
 
Testing cloud services - EuroSTAR
Testing cloud services - EuroSTARTesting cloud services - EuroSTAR
Testing cloud services - EuroSTARJeroen Mengerink
 
Catelas - Conducting cost effective Internal Investigations
Catelas - Conducting cost effective Internal InvestigationsCatelas - Conducting cost effective Internal Investigations
Catelas - Conducting cost effective Internal InvestigationsRob Levey
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensenjaredcarst
 

Recommended

Secure Enterprise Cloud
Secure Enterprise CloudSecure Enterprise Cloud
Secure Enterprise CloudIndu Kodukula
 
SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011Satish Hemachandran
 
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationIBM Danmark
 
Security Intelligence
Security IntelligenceSecurity Intelligence
Security IntelligenceIBMGovernmentCA
 
SLAS Informatics SIG: SLAS2013 Presentation
SLAS Informatics SIG: SLAS2013 PresentationSLAS Informatics SIG: SLAS2013 Presentation
SLAS Informatics SIG: SLAS2013 PresentationSLAS (Society for Laboratory Automation and Screening)
 
Testing cloud services - EuroSTAR
Testing cloud services - EuroSTARTesting cloud services - EuroSTAR
Testing cloud services - EuroSTARJeroen Mengerink
 
Catelas - Conducting cost effective Internal Investigations
Catelas - Conducting cost effective Internal InvestigationsCatelas - Conducting cost effective Internal Investigations
Catelas - Conducting cost effective Internal InvestigationsRob Levey
 
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared CarstensenCyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensenjaredcarst
 
OOW 2009 EBS Security R12
OOW 2009 EBS Security R12OOW 2009 EBS Security R12
OOW 2009 EBS Security R12jucaab
 
Strategies for Web Application Security
Strategies for Web Application SecurityStrategies for Web Application Security
Strategies for Web Application SecurityOpSource
 
Trend micro data protection
Trend micro data protectionTrend micro data protection
Trend micro data protectionAndrew Wong
 
High Availability and Disaster Recovery with Novell Sentinel Log Manager
High Availability and Disaster Recovery with Novell Sentinel Log ManagerHigh Availability and Disaster Recovery with Novell Sentinel Log Manager
High Availability and Disaster Recovery with Novell Sentinel Log ManagerNovell
 
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Seema Sheth-Voss
 
Security White Paper
Security White PaperSecurity White Paper
Security White PaperMobiWee
 
Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Symantec APJ
 
Cat6500 Praesentation
Cat6500 PraesentationCat6500 Praesentation
Cat6500 PraesentationSophan_Pheng
 
Document%20 Safer%20 Introduction
Document%20 Safer%20 IntroductionDocument%20 Safer%20 Introduction
Document%20 Safer%20 Introductionerry wardhana
 
Hp Fortify Pillar
Hp Fortify PillarHp Fortify Pillar
Hp Fortify PillarEd Wong
 
Introduction - The Smart Protection Network
Introduction - The Smart Protection NetworkIntroduction - The Smart Protection Network
Introduction - The Smart Protection NetworkAndrew Wong
 
Legal Pluralism, Alemayehu Fentaw
Legal Pluralism, Alemayehu FentawLegal Pluralism, Alemayehu Fentaw
Legal Pluralism, Alemayehu Fentawlegalservices
 
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011IBM Sverige
 
Complex Discovery Ethics Efficiency And Economics (Overview) 1108
Complex Discovery Ethics Efficiency And Economics (Overview) 1108Complex Discovery Ethics Efficiency And Economics (Overview) 1108
Complex Discovery Ethics Efficiency And Economics (Overview) 1108Rob Robinson
 
Cyber security assocham
Cyber security assochamCyber security assocham
Cyber security assochamnmrdkoz
 
Securing the Human (人を守るセキュリティ)
Securing the Human (人を守るセキュリティ)Securing the Human (人を守るセキュリティ)
Securing the Human (人を守るセキュリティ)itforum-roundtable
 
Fighting Fraud With Digital Forensics
Fighting Fraud With Digital ForensicsFighting Fraud With Digital Forensics
Fighting Fraud With Digital ForensicsTOMMY SEAH
 
Securing Internet Payment Systems
Securing Internet Payment SystemsSecuring Internet Payment Systems
Securing Internet Payment SystemsDomenico Catalano
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage PreventionBen Omoakin Oguntala, developingafrica(dot)net
 
Oracle security-formula
Oracle security-formulaOracle security-formula
Oracle security-formulaOracleIDM
 
Talk IT_ Oracle_김상엽_110822
Talk IT_ Oracle_김상엽_110822Talk IT_ Oracle_김상엽_110822
Talk IT_ Oracle_김상엽_110822Cana Ko
 
Sw keynote
Sw keynoteSw keynote
Sw keynotegueste69f645
 

More Related Content

What's hot

OOW 2009 EBS Security R12
OOW 2009 EBS Security R12OOW 2009 EBS Security R12
OOW 2009 EBS Security R12jucaab
 
Strategies for Web Application Security
Strategies for Web Application SecurityStrategies for Web Application Security
Strategies for Web Application SecurityOpSource
 
Trend micro data protection
Trend micro data protectionTrend micro data protection
Trend micro data protectionAndrew Wong
 
High Availability and Disaster Recovery with Novell Sentinel Log Manager
High Availability and Disaster Recovery with Novell Sentinel Log ManagerHigh Availability and Disaster Recovery with Novell Sentinel Log Manager
High Availability and Disaster Recovery with Novell Sentinel Log ManagerNovell
 
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Seema Sheth-Voss
 
Security White Paper
Security White PaperSecurity White Paper
Security White PaperMobiWee
 
Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Symantec APJ
 
Cat6500 Praesentation
Cat6500 PraesentationCat6500 Praesentation
Cat6500 PraesentationSophan_Pheng
 
Document%20 Safer%20 Introduction
Document%20 Safer%20 IntroductionDocument%20 Safer%20 Introduction
Document%20 Safer%20 Introductionerry wardhana
 
Hp Fortify Pillar
Hp Fortify PillarHp Fortify Pillar
Hp Fortify PillarEd Wong
 
Introduction - The Smart Protection Network
Introduction - The Smart Protection NetworkIntroduction - The Smart Protection Network
Introduction - The Smart Protection NetworkAndrew Wong
 
Legal Pluralism, Alemayehu Fentaw
Legal Pluralism, Alemayehu FentawLegal Pluralism, Alemayehu Fentaw
Legal Pluralism, Alemayehu Fentawlegalservices
 
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011IBM Sverige
 
Complex Discovery Ethics Efficiency And Economics (Overview) 1108
Complex Discovery Ethics Efficiency And Economics (Overview) 1108Complex Discovery Ethics Efficiency And Economics (Overview) 1108
Complex Discovery Ethics Efficiency And Economics (Overview) 1108Rob Robinson
 
Cyber security assocham
Cyber security assochamCyber security assocham
Cyber security assochamnmrdkoz
 
Securing the Human (人を守るセキュリティ)
Securing the Human (人を守るセキュリティ)Securing the Human (人を守るセキュリティ)
Securing the Human (人を守るセキュリティ)itforum-roundtable
 
Fighting Fraud With Digital Forensics
Fighting Fraud With Digital ForensicsFighting Fraud With Digital Forensics
Fighting Fraud With Digital ForensicsTOMMY SEAH
 
Securing Internet Payment Systems
Securing Internet Payment SystemsSecuring Internet Payment Systems
Securing Internet Payment SystemsDomenico Catalano
 

What's hot (19)

OOW 2009 EBS Security R12
OOW 2009 EBS Security R12OOW 2009 EBS Security R12
OOW 2009 EBS Security R12
 
Strategies for Web Application Security
Strategies for Web Application SecurityStrategies for Web Application Security
Strategies for Web Application Security
 
Trend micro data protection
Trend micro data protectionTrend micro data protection
Trend micro data protection
 
High Availability and Disaster Recovery with Novell Sentinel Log Manager
High Availability and Disaster Recovery with Novell Sentinel Log ManagerHigh Availability and Disaster Recovery with Novell Sentinel Log Manager
High Availability and Disaster Recovery with Novell Sentinel Log Manager
 
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012
 
Security White Paper
Security White PaperSecurity White Paper
Security White Paper
 
Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16Internet Security Threat Report (ISTR) Vol. 16
Internet Security Threat Report (ISTR) Vol. 16
 
Cat6500 Praesentation
Cat6500 PraesentationCat6500 Praesentation
Cat6500 Praesentation
 
Document%20 Safer%20 Introduction
Document%20 Safer%20 IntroductionDocument%20 Safer%20 Introduction
Document%20 Safer%20 Introduction
 
Hp Fortify Pillar
Hp Fortify PillarHp Fortify Pillar
Hp Fortify Pillar
 
Introduction - The Smart Protection Network
Introduction - The Smart Protection NetworkIntroduction - The Smart Protection Network
Introduction - The Smart Protection Network
 
Legal Pluralism, Alemayehu Fentaw
Legal Pluralism, Alemayehu FentawLegal Pluralism, Alemayehu Fentaw
Legal Pluralism, Alemayehu Fentaw
 
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
 
Complex Discovery Ethics Efficiency And Economics (Overview) 1108
Complex Discovery Ethics Efficiency And Economics (Overview) 1108Complex Discovery Ethics Efficiency And Economics (Overview) 1108
Complex Discovery Ethics Efficiency And Economics (Overview) 1108
 
Cyber security assocham
Cyber security assochamCyber security assocham
Cyber security assocham
 
Securing the Human (人を守るセキュリティ)
Securing the Human (人を守るセキュリティ)Securing the Human (人を守るセキュリティ)
Securing the Human (人を守るセキュリティ)
 
Fighting Fraud With Digital Forensics
Fighting Fraud With Digital ForensicsFighting Fraud With Digital Forensics
Fighting Fraud With Digital Forensics
 
Securing Internet Payment Systems
Securing Internet Payment SystemsSecuring Internet Payment Systems
Securing Internet Payment Systems
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage Prevention
 

Similar to Keynote oracle entitlement-driven idm

Oracle security-formula
Oracle security-formulaOracle security-formula
Oracle security-formulaOracleIDM
 
Talk IT_ Oracle_김상엽_110822
Talk IT_ Oracle_김상엽_110822Talk IT_ Oracle_김상엽_110822
Talk IT_ Oracle_김상엽_110822Cana Ko
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud finalOracleIDM
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1OracleIDM
 
Best Practices for Cloud Security
Best Practices for Cloud SecurityBest Practices for Cloud Security
Best Practices for Cloud SecurityIT@Intel
 
Best Practice For Public Sector Information Security And Compliance
Best Practice For Public Sector Information Security And ComplianceBest Practice For Public Sector Information Security And Compliance
Best Practice For Public Sector Information Security And ComplianceOracle
 
Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle BH
 
Implementing and Proving Compliance Tactics with Novell Compliance Management...
Implementing and Proving Compliance Tactics with Novell Compliance Management...Implementing and Proving Compliance Tactics with Novell Compliance Management...
Implementing and Proving Compliance Tactics with Novell Compliance Management...Novell
 
Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Shafaq Abdullah
 
Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Shafaq Abdullah
 
DSS ITSEC Conference 2012 - CENTRIFY
DSS ITSEC Conference 2012 - CENTRIFYDSS ITSEC Conference 2012 - CENTRIFY
DSS ITSEC Conference 2012 - CENTRIFYAndris Soroka
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1OracleIDM
 
Refense Security Risk Briefing July 2009
Refense Security Risk Briefing July 2009Refense Security Risk Briefing July 2009
Refense Security Risk Briefing July 2009apompliano
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...HyTrust
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracleIDM
 
Identity Insights: Social, Local and Mobile Identity
Identity Insights: Social, Local and Mobile IdentityIdentity Insights: Social, Local and Mobile Identity
Identity Insights: Social, Local and Mobile IdentityJon Bultmeyer
 

Similar to Keynote oracle entitlement-driven idm (20)

Oracle security-formula
Oracle security-formulaOracle security-formula
Oracle security-formula
 
Talk IT_ Oracle_김상엽_110822
Talk IT_ Oracle_김상엽_110822Talk IT_ Oracle_김상엽_110822
Talk IT_ Oracle_김상엽_110822
 
Sw keynote
Sw keynoteSw keynote
Sw keynote
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud final
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1
 
Best Practices for Cloud Security
Best Practices for Cloud SecurityBest Practices for Cloud Security
Best Practices for Cloud Security
 
Best Practice For Public Sector Information Security And Compliance
Best Practice For Public Sector Information Security And ComplianceBest Practice For Public Sector Information Security And Compliance
Best Practice For Public Sector Information Security And Compliance
 
Oracle a TBIZ2011
Oracle a TBIZ2011Oracle a TBIZ2011
Oracle a TBIZ2011
 
Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010
 
Implementing and Proving Compliance Tactics with Novell Compliance Management...
Implementing and Proving Compliance Tactics with Novell Compliance Management...Implementing and Proving Compliance Tactics with Novell Compliance Management...
Implementing and Proving Compliance Tactics with Novell Compliance Management...
 
Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02
 
Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02
 
DSS ITSEC Conference 2012 - CENTRIFY
DSS ITSEC Conference 2012 - CENTRIFYDSS ITSEC Conference 2012 - CENTRIFY
DSS ITSEC Conference 2012 - CENTRIFY
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1
 
On Demand Cloud Services Coury
On Demand Cloud Services CouryOn Demand Cloud Services Coury
On Demand Cloud Services Coury
 
Refense Security Risk Briefing July 2009
Refense Security Risk Briefing July 2009Refense Security Risk Briefing July 2009
Refense Security Risk Briefing July 2009
 
Presentatie mc afee emm 2011
Presentatie mc afee emm 2011Presentatie mc afee emm 2011
Presentatie mc afee emm 2011
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcast
 
Identity Insights: Social, Local and Mobile Identity
Identity Insights: Social, Local and Mobile IdentityIdentity Insights: Social, Local and Mobile Identity
Identity Insights: Social, Local and Mobile Identity
 

Recently uploaded

Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 

Recently uploaded (20)

Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 

Keynote oracle entitlement-driven idm

  • 1. 1 Copyright © 2011, Oracle. Proprietary and Confidential
  • 2. <Insert Picture Here> The Imperative for Entitlement-Driven Identity Management Normand Sauvé Security Sales Manager Carl Potvin Principal Sales Consultant
  • 3. The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 3 Copyright © 2011, Oracle. Proprietary and Confidential
  • 4. The Situation •  Security breaches are proliferating •  Compliance costs are increasing –  40% of IT budget spent on compliance •  Tougher regulatory environment 4 Copyright © 2011, Oracle. Proprietary and Confidential
  • 5. The Trend is Set to Continue The Root Cause Of All Breaches Is Poor Access Control Total # of records compromised 361 M by breaches 4M •  Social Engineering Attacks Hacking for Fame (11% of all breaches) < 1M •  Hacking (up 10% from 2010) •  Privilege Abuse Hacking for Fun Source: Verizon Data Breach Report 2011 (17% of all breaches) 2004 2009 2011 1990 1995 2000 2005 2008 5 Copyright © 2011, Oracle. Proprietary and Confidential
  • 6. Current Approach is Fragmented Hurts Transparency & Business Agility •  Disconnected Security Policy •  Poor Correlation for Forensics •  Fragmented View of User •  Costly Integration Fragmentation causes Latency •  Removing separated users •  Detecting user job role change •  Restricting data access quickly Source: The Value of Corporate Secrets by Forrester Consulting (March 2010) 6 Copyright © 2011, Oracle. Proprietary and Confidential
  • 7. Today We Are Reactive Harden Perimeter Social Engineering Attacks Secure End-Point Attacks on Servers Invest in Monitoring Privileged Account Abuse We react... But criminals get wiser Most traditional security solutions get breached eventually 7 Copyright © 2011, Oracle. Proprietary and Confidential
  • 8. We Need to Change Our Thinking Security should be proactive just like the body’s immune system prevents diseases 8 Copyright © 2011, Oracle. Proprietary and Confidential
  • 9. Identity Management Has to Evolve •  Less Fragmentation Analytics •  Better Visibility •  Increased ROI Context Control Risk Management Audit Administration Authentication Identity Tools Point Solutions Platform Intelligence 9 Copyright © 2011, Oracle. Proprietary and Confidential
  • 10. Analytics – Actionable Intelligence Report Certify Acquire Correlate Remediate Convert Preventive Detective •  Automated certification review •  Analysis of who did what •  Intelligent risk scoring •  Correlation of activities •  Workflow based remediation •  Anomaly detection 10 Copyright © 2011, Oracle. Proprietary and Confidential
  • 11. Context – Trust but Verify Step up Step up Authorization Authorization Alert Rules Patterns Behavior Access: Authentication Transactional: Authorization •  Location and device aware •  Based on historical behavior •  Pattern detection •  Policy based •  Predictive analysis •  Knowledge based step up Authorized 11 Copyright © 2011, Oracle. Proprietary and Confidential
  • 12. Control – Continuous and Efficient Onboard Mine & Define Declarative Security Change Offboard Change Test & Access Deploy Externalized Policy User Lifecycle Role Lifecycle Scalable enforcement Administration Entitlements •  Role based on boarding/change •  Separation of duties •  Central view of user access •  Central policy enforcement •  Immediate de-provisioning •  Dynamic RBAC 12 Copyright © 2011, Oracle. Proprietary and Confidential
  • 13. An Entitlement-Driven Approach to Identity Administer Synchronize Access Identities Administration Access Design Build Controls Controls Entitlement Driven Monitor Analytics Controls Intelligence Authority Automate Certify Reporting Controls 13 Copyright © 2011, Oracle. Proprietary and Confidential
  • 14. An Entitlement-Driven Platform Changes Everything Before After An Entitlement-Driven Platform facilitates identity management based on intelligence and context 14 Copyright © 2011, Oracle. Proprietary and Confidential
  • 15. The Platform Achieves Harmony Security •  Simplified support Governor •  Consistent and synchronized •  Single source of security policy Access Enterprise Manager •  Integrated with Fusion Middleware SSO •  Integrated with Fusion Apps Adaptive Directory Access Services Manager Entitlements Enterprise Server Gateway Identity Identity Manager Analytics 15 Copyright © 2011, Oracle. Proprietary and Confidential
  • 16. The Platform Makes All the Difference Benefits Oracle IAM Suite Advantage Increased End-User Productivity •  Emergency Access •  11% faster •  End-user Self Service •  30% faster Reduced Risk •  Suspend/revoke/de-provision end user access •  46% faster •  Bullet Enhanced Agility •  Integrate a new app faster with the IAM infrastructure •  64% faster •  Integrate a new end user role •  73% faster faster into the solution Enhanced Security •  Reduces unauthorized access •  14% fewer and Compliance •  Reduces audit deficiencies •  35% fewer Reduced Total Cost •  Reduces total cost of IAM •  48% lower initiatives Source: Aberdeen Group, June 2011 16 Copyright © 2011, Oracle. Proprietary and Confidential
  • 17. Case Study – Schneider National BUSINESS CHALLENGE ORACLE SOLUTION •  20,000 users scaling up to 65,000 on three •  Replace Tivoli Identity Manager with OIM for continents in a high availability configuration. password reset •  Systems include OTM (Oracle Transportation •  OAM for centralized Authn, Authz and SSO for Manager), many eBS modules, Siebel, AD, 100’s of apps Exchange, and several OID’s managing different •  ORM for corporate RBAC project user stores •  Real time integration of Siebel and eBS identities •  Decided to overhaul entire IT infrastructure, with OIM move away from legacy home grown and •  Provided virtualized single user store from packaged applications to support their business disparate populations with OVD •  Provide customers self-service access to their own accounts •  Enforce least- privilege access through automated provisioning for add, changes, and •  Ongoing M&A and divesture activities disables (ORM / OIM) RESULTS •  Reduce the number of calls to the helpdesk for password reset •  Reduce the number of days to on-board users from 5 days to less than 24 hours •  Standardize the family of companies on an Identity Management platform reducing costs across the enterprise •  Reduce the complexity of the RBAC used to provide access to users 17 Copyright © 2011, Oracle. Proprietary and Confidential 17
  • 18. One Company, One Solution, One Stack  Proven vendor •  Acquire and retain best of breed technology and talent •  Battle-tested for large, mission-critical applications •  Referenceable, award-winning customer deployments  Most complete and integrated best-of- breed portfolio •  Service-Oriented Security •  Interoperable components  Future proof investment •  Standards-based and hot pluggable for easy integration •  Established deployment best practices •  Large implementation ecosystem 18 Copyright © 2011, Oracle. Proprietary and Confidential
  • 19. Q&A 19 | © 2011 Oracle Corporation – Proprietary and Confidential
  • 20. 20 | © 2011 Oracle Corporation – Proprietary and Confidential
  • 21. 21 | © 2011 Oracle Corporation – Proprietary and Confidential