A better waytosecureapps-finalv1


Published in: Technology

  1. Better Way to Secure Financial Services Applications. Amit Jasuja, Group Vice President, Identity Management, Oracle
  2. This document is for informational purposes. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described in this document remains at the sole discretion of Oracle. This document in any form, software or printed matter, contains proprietary information that is the exclusive property of Oracle. This document and information contained herein may not be disclosed, copied, reproduced or distributed to anyone outside Oracle without prior written consent of Oracle. This document is not part of your license agreement nor can it be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates.
  3. Agenda • The Oracle Lens • Application Security Value Chain • A Platform Approach
  4. Financial Service Applications Risks. 48%: Fraud Caused By Insiders. 86%: Of hacking involves compromised credentials. Risks listed: Unauthorized Trading • No Policy Visibility • Hardcoded Security • Internal Fraud • Complex Certification • No Role Structure • Limited Forensics • Costly Compliance • Brittle Access Control (2010 Data Breach Investigations Report)
  5. Entitlements And Policies: The Rights to Application Data & Transactions. IT VIEW: CAN A TRADER SUBMIT A TRADE OF A CERTAIN SIZE AT A SPECIFIC TIME OF DAY. BUSINESS VIEW: WHAT IS THE AUDIT OBJECTIVE AND THE ASSOCIATED RISK. Diagram labels: Entitlement, Transaction, Data, Forms, Authorization Policy
  6. Application Security is Fragmented: Multiple Entitlement Catalogs • Brittle Access Control • Hardcoded Authorization. Inflexible authorization increases complexity, reduces agility
  7. The Challenge is Scale: Focused on Reducing Risk • A Few App Administrators • Driven to Reduce Cost • Rolling or Monthly Attestation • Handful of Audit Staff
  8. What is Entitlements Management? Application Security Value Chain (diagram): Define & Catalog (Entitlements, Policies) • Access Request (Search, Provision) • Enforce & Monitor (Context, External Az) • Audit & Certify (Risk, Remediation) • Secure Data (Encrypt, Mask)
  9. Define & Catalog: Enterprise Roles • Common Data Model • Catalog Entitlements • Entitlements, Roles & Policies • Enrich Meta-data • Define Roles & SoD
  10. Enforce and Monitor: Context and Dynamic Authorization. Diagram labels: Audit & Risk Owners, Custom Apps, COTS Apps, Application Developers, Application Security Platform; Location, Time, Device
  11. Audit & Certify: Active Conflict Analysis • Simulation • Risk Aggregation • 360 Degree Visibility • Closed Loop. Diagram labels: Entitlement Report, SOD Checking, Entitlement Review, Auto-Remediate, Aggregate Risk Score. Reduce Remediation Time to Minutes Instead of Days or Weeks
  12. Secure Application Data. At The Application: Authorize • Externalize • Centralize. In The Database: Mask • Encrypt • Audit
  13. Comprehensive Database Security (diagram). Diagram labels: Control Privileged Users, Encrypt Data, Audit User Activity, Monitor SQL, Mask Test Data, Block Attacks, Compliance Reports, Cloud, Enforce SoD; Oracle Databases, Non-Oracle Databases; Database Firewall, Auditing, Encryption & Masking, Authorization, Authentication; Defense in Depth
  14. The Identity Platform: Complete, Innovative and Integrated. Identity Governance: User Lifecycle • Risk Analytics • Access Provisioning • Access Certification • Delegated Admin • Role Management. Access, Directory: Fraud Detection • Location Data • Single-Sign On • Centralized Auth • Mobile, Social Intg • Device & User Data
  15. Platform Reduces Cost vs. Point Solutions. Callouts: 48% Cost Savings • 46% More Responsive • 35% Fewer Audit Deficiencies. Benefits and Oracle IAM Suite Advantage: Increased End-User Productivity: Emergency Access (11% faster), End-user Self Service (30% faster); Reduced Risk: Suspend/revoke/de-provision end user access (46% faster); Enhanced Agility: Integrate a new app faster with the IAM infrastructure (64% faster), Integrate a new end user role faster into the solution (73% faster); Enhanced Security and Compliance: Reduces unauthorized access (14% fewer), Reduces audit deficiencies (35% fewer); Reduced Total Cost: Reduces total cost of IAM initiatives (48% lower). Source: Aberdeen “Analyzing point solutions vs. platform” 2011
  16. Take a Security Inside Out Approach • Reduce the risk • Reduce the cost of application security • Secure access to the “crown jewels” • Simplify administration
  17. We Can Help Develop a Strategy: Speak with References • Setup Free Workshop • Schedule a Demonstration • Develop an ROI Analysis