How Oracle is helping Enterprise move to the Cloud securily with Security Solutions

1. Bridging the Security Gap Between the
Enterprise and Cloud
Sponsored by
1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 8

2. This document is for informational purposes. It is not a commitment
to deliver any material, code, or functionality, and should not be relied
upon in making purchasing decisions. The development, release,
and timing of any features or functionality described in this document
remains at the sole discretion of Oracle. This document in any form,
software or printed matter, contains proprietary information that is the
exclusive property of Oracle. This document and information
contained herein may not be disclosed, copied, reproduced or
distributed to anyone outside Oracle without prior written consent of
Oracle. This document is not part of your license agreement nor can
it be incorporated into any contractual agreement with Oracle or its
subsidiaries or affiliates.

3. Agenda
• Barriers to Cloud Adoption
• Security Gaps Between Enterprise and Cloud
• Oracle Identity Management
• Case Studies
• Summary

4. Oracle Cloud Offerings – Identity Management
Private Cloud Products Private & Public Cloud Services
Applications Oracle Cloud Services Oracle Public Cloud
Oracle Applications Fusion Fusion Oracle
Oracle Applications HCM Cloud CRM Cloud Social
On Demand Service Service Network
Platform as a Service
Cloud Control
SOA Suite & Data Integration Identity & WebCenter User
Oracle Enterprise Manager
BPM Suite & GoldenGate Access Mgmt Engagement
Cloud Management
Middleware On Demand
Cloud Application Foundation: WebLogic Server, Exalogic On Demand
Oracle Java Cloud Service
Coherence, JRockit, Exalogic Elastic Cloud
Oracle Database, MySQL, Database On Demand
Oracle Database Cloud Service
Exadata Database Machine Exadata On Demand
Infrastructure as a Service
Oracle Solaris Oracle Linux
Ops Center
Oracle VM for SPARC (LDom) Oracle VM for x86
Solaris Zones
Servers, SuperCluster
Storage
Network Fabric
4 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.

5. Video – “Auction”

6. Security is the #1 Barrier to Cloud Adoption
87% Security main barrier to
cloud adoption
Source: IDC Enterprise Panel, 3Q09
52% Concerned with trusting
an outside 3rd party
Source: IDC Cloud Security Survey 2011`
41% Fear a security breach
from use of security SaaS
Source: IDC Cloud Security Survey, 2011
Cloud Computing saves costs but
reduces control, visibility and trust
40% Compliance concerns
prevent use of SaaS
Source: IDC Cloud Security Survey, 2011

7. The Cloud Security Continuum
HIGH
MED-
HIGH
Public Cloud
RISK
Private Hosted Cloud
MED-
LOW
Private In House Cloud Cloud computing increases
LOW risk and decreases control
Enterprise
CONTROL
HIGH LOW
1990 1995 2000 2005 2008

8. Security Gap Between the Enterprise and Cloud
Private In-House Cloud
c
Private In House Cloud Private Hosted Cloud Public Cloud
Benefits Use Cases Challenges
• Cloud for internal use • Leverage reusable identity • Insider Threats
• Scales to large functions for new apps
• Privileged User Access
departments • Meter departmental app Control
• Security enforced by IT usage
• Role based Access
• Access Governance
8

9. Security Gap Between the Enterprise and Cloud
Private Hosted Cloud
Private In House Cloud Private Hosted Cloud Public Cloud
Benefits Use Cases Challenges
• Hosted cloud for enterprise use • Deploy a massively • Integration can be complex
• Scales to several large scalable directory service
• Adding capacity can be
organizations • Deploy layered security for costly
• Identity management sensitive applications
outsourced
9

10. Security Gap Between the Enterprise and Cloud
Public Cloud
Private In House Cloud Private Hosted Cloud Public Cloud
Benefits Use Cases Challenges
• Access anytime anywhere • Rapid installation • Shared environment
• Scales to millions of users • Access applications from increases risk
• Pay as you grow mobile devices • Security silos
• Upgrades with zero • Jurisdictional issues
downtime
10

11. Risk and Fragmentation Increase Latency
• Security silos result in policy
fragmentation
• Multiple points of failure
• Security gaps increase vulnerability
LATENCY
to breaches
• Poor response to threats
RISK • Latency increases with
fragmentation
• Inability to develop and deploy
applications and users
FRAGMENTATION

12. Identity Management Bridges the Gap
Adaptive Access
Public Cloud
• Context / Risk Aware
Administration
• Anomaly Detection
• Role Mgmt
• Fraud Detection
• Provisioning
Private Hosted Cloud
Access • Identity Analytics
• Single-sign on • Certification
• Password policy
Scalable Repository
• Authorization policy
• Identity Synch
• Entitlements Risk Management
• Identity Virtualization
Private In-House Cloud • Reporting Audit
Administration
AuthN and AuthZ
Identity
Enterprise
Tools Point Solutions Platform Intelligence

13. Dimensions of Cloud Identity Management
Are you building Do you need IdM but don’t
Are you using cloud c want to maintain it?
apps? c cloud apps?
Identity as a Identity as a Identity Hosted as
Bridge to Cloud Foundation for Cloud a Cloud Service

14. Authentication and SSO
• Access anytime, anywhere from
any device
• Mobile authentication, SSO and
access control
• Connect Internet and Social
identities to enterprise identity
• Seamless integration and control
with enterprise

15. Federated Standards
• Multiple standard support for
authentication to multiple clouds
• SAML
Employees/ Social
Networks
• OAuth
Contractors
• OpenID
• WS-Fed
• Accelerated on boarding of
partners and service providers
Partners/ SaaS
Subsidiaries Applications

16. Authorization
• Centralized Policy
Centralized Policy
Enforcement
Administration
• Distributed Real-time Policy
Execution
• Standards-based policies:
XACML, RBAC, ABAC,
JAAS
Evaluate Policies and Policy Enforcement for
Enforce Access Apps, Middleware and
Databases

17. Context-Aware Security and Fraud Prevention
User: Jdoe • Location aware
Paswd:1happycat$
User: Jdoe • Device aware
Paswd:1happycat$
Entitlement
Policy
• Entitlements based
User: Jdoe • Enterprise control
Paswd:1happycat$
• Full audit
Filtered
Private Data
Trust but Verify:
Limit Access by Policy

18. User Provisioning and Role Management
• User lifecycle
management for on-
premise and SaaS
applications
• Self-service
provisioning and
Roles,
Users Apps
Entitlements request mgmt
• Flexible – Roles, rules
and policies
Managers

19. Audit and Compliance
• Access certification
• Risk scoring
• Privileged access
control
• Workflow remediation
• Business views
Audit Reporting
Actionable Intelligence

20. Oracle Identity Management Platform
Bridges the Gap
Fraud
Adaptive Access
Identity Admin and
Administration • DetectionRisk
Context /
Governance Reduces risk and
Aware
• Role Mgmt
Access Consolidates user • latency bydetection
Anomaly
Access • Provisioning preventing fraud in
Management roles and • real timecertification
Access
Directory • Single-sign on • Identity Analytics
entitlements and
Scalable Repository
Services Overcomes security reduces risk
• Identity Synch
Reduces latency silos by centralizing • Certification
• Password policy
• and fragmentation
Identity and consolidating
• Authorization Risk Management
Virtualization
by consolidating security policies.
Audit
• identity data
Reporting
Administration
AuthN and AuthZ
Identity
Tools Point Solutions Platform Intelligence

21. Oracle Identity Management Is Cloud-Ready
Partners
Social Networks
SaaS Apps
On Premise Apps Desktop/Mobile

22. Case Study: Citizens Bank
Identity consumed as a service example
COMPANY OVERVIEW RESULTS
• A large commercial bank holding company headquartered in NA • 75% of users were deployed in less than 1
• Over 20K employees and operates nearly 1500 branches and 4000 week
ATMs all over North America
• Single solution now delivers anti-phishing,
CHALLENGES/OPPORTUNITIES anti-malware and fraud detection
• Needed to secure PeopleSoft application with multi-factor • Deployment is cost effective and included
authentication for a financial services customer
layered multifactor authentication
• Wanted to avoid costly registration schemes and proprietary hardware
• Wanted to protect customers ‘ identities and preserve brand value by
preventing phishing attacks
SOLUTION
• Leveraged Oracle Adaptive Access Manager as a hosted solution from
Oracle On Demand

23. Case Study: Sasktel
Identity as a Service Example
COMPANY OVERVIEW RESULTS
• A leading Canadian full service communications provider in the • Displaced legacy SiteMinder solution with
Province of Saskatchewan with nearly 5000 employees Oracle Identity and Access Management
• Offers a wide range of communications products and services including • Monetized capital investments by offering
voice, data, Internet, entertainment, security monitoring, messaging, Oracle Identity and Access Management Suite
cellular, wireless data and directory services to general public as a cloud services
CHALLENGES/OPPORTUNITIES • Reduced internal opex and capex
• A number of legacy technologies had to be refreshed to cut down
operational expenses and increase scope of capabilities
• Nearly a half million customers accessing Sasktel’s services from a
wide variety of devices demanded self service
SOLUTION
• Leveraged Oracle Identity and Access Management Suite

24. Case Study: Oracle Public Cloud
Security and Identity Management Service
Identity Management
in the Cloud
• Built on Oracle Identity Management
• Single Sign-On and Federation
• Multi-factor authentication
• Fully Delegated Administration

25. Case Study: Oracle On Demand Cloud Services
Identity as a Hosted Cloud Service Example
• Offers Hosted Strong Auth,
Provisioning, SSO, and Directory
Integration
12+ years as premier cloud provider
5.5 million satisfied end-users
• Enterprise-grade performance, 20+ patented and patent pending technologies
security, and availability 14,000 Oracle Service experts
2,000+ Critical Patch Updates proactively applied annually
2x Faster service request resolution time
• End-to-end cloud service portfolio
64% Reduction in downtime for upgrades
Secure and Compliant: ISO 27001, ISO 27002, HIPAA,
ISAE 3402 / SSAE 16, NIST, DIACAP, PCI, 21 CFR Part 11
25 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.

26. Oracle Identity Management Platform Reduces Cost
Oracle IAM Suite
Benefits
Advantage
48% Cost Savings
Increased End-
User Productivity
Reduced Risk
• Emergency Access
• End-user Self Service
• 11% faster
• 30% faster
• Suspend/revoke/de-
46%
• 46% faster
More provision end user access
Responsive Enhanced Agility • Integrate a new app faster
with the IAM infrastructure • 64% faster
35% Fewer Audit • Integrate a new end user • 73% faster
role faster into the solution
Deficiencies
Enhanced • Reduces unauthorized
• 14% fewer
Security and access
Compliance • 35% fewer
• Reduces audit deficiencies
Reduced Total • Reduces total cost of IAM
• 48% lower
Cost initiatives
Source: Aberdeen “Analyzing point solutions vs. platform” 2011

27. Oracle Identity Management
Summary
• Complete, Open and Integrated
• Innovative, Scalable and Modernized SaaS
PaaS
IaaS
• Identity Management for Enterprise.
Cloud, Mobile and Social environments
• Simplified, Actionable Compliance

28. Learn More
Join the Oracle IDM
Contact Community
• Normand Sauvé • www.oracle.com/identity
• Normand.sauve@oracle.com
• twitter.com/OracleIDM
• Call 1-800-672-2537
• facebook.com/OracleIDM
• Blogs.oracle.com/OracleIDM

29. Q&A