Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Oracle security-formula


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Oracle security-formula

  1. 1. Amit JasujaVice President,Identity Management, Oracle
  2. 2. This document is for informational purposes. It is not a commitmentto deliver any material, code, or functionality, and should not be reliedupon in making purchasing decisions. The development, release,and timing of any features or functionality described in this documentremains at the sole discretion of Oracle. This document in any form,software or printed matter, contains proprietary information that is theexclusive property of Oracle. This document and informationcontained herein may not be disclosed, copied, reproduced ordistributed to anyone outside Oracle without prior written consent ofOracle. This document is not part of your license agreement nor canit be incorporated into any contractual agreement with Oracle or itssubsidiaries or affiliates.
  3. 3. What Keeps You Up at Night ? Threats Threats • More Attacks • Insider Fraud • Data Privacy Opportunities Compliance Opportunities
  4. 4. What Keeps You Up at Night ? Threats Threats Compliance • More Attacks Tougher Regulations • Insider Fraud Intrusive Audits • Data Privacy Costly Reporting Opportunities Compliance Opportunities
  5. 5. What Keeps You Up at Night ? Threats Opportunities Threats Compliance • More Attacks Cloud Computing Tougher Regulations • Insider Access Mobile Fraud Intrusive Audits • Data Privacy Globalization Costly Reporting Opportunities Compliance Opportunities
  6. 6. Threats are Against Applications and Data Endpoint Security • How do I control insiders? Other 48% Caused by Insiders Vulnerability • Can I report on IdentitySecurity ManagementRecords 92% Stolen Management anomalous behavior? From Database Servers 89% Records Stolen • Is my data protected against SQL Using SQL Injection Database injection attacks? 86% Hacking Involve Security Stolen Credentials • Can I prevent intrusions? Email Network Security Security 2010 Data Breach Investigations Report
  7. 7. Reduce Audit Exposure • Is access certification timely? • Is audit data collected and retrievable? • Are my security processes sustainable? • Can I remediate audit issues quickly & effectively? 40% Of IT Budgets spent on compliance mandatesSource: The Value of Corporate Secrets by Forrester Consulting (March 2010)
  8. 8. Security Unlocks New Opportunities • Can I deploy new customer facing applications ? • Can I extend my identity infrastructure to the cloud? • Can employees access email & apps on mobile devices ?87% Security main barrier to Cloud Adoption Source: IDC Enterprise Panel, 3Q09 • Can I consolidate my apps and run my database in the cloud?46% Increase in Mobile attacks in 2010 vs. 2009 McAfee Threats Report: Fourth Quarter 2010
  9. 9. Identity Management Evolves Authoritative ID Access Via User Lifecycle In Certify Access Monitor with Massive Mobile & Social Hybrid/Cloud for Millions of Behavior & Scale Channels Environments Users & Detect Improper Entitlements Access Cloud/ Mobile Extranet Risk Management AuditEnterprise Administration Authentication Identity Tools Point Solutions Platform Intelligence
  10. 10. Database Security Evolves Control Encrypt Data Audit User Monitor SQL Privileged Activity Users Mask Test Block Attacks Data Compliance Cloud Enforce SoD ReportsNon-Oracle Databases Database Firewall Auditing OracleDatabases Encryption & Masking Authorization Authentication Defense in Depth
  11. 11. A Patchwork of SolutionsFragmentation Reduces Effectiveness • Audit exposure • Poor reporting, • Limited root cause tracking • Vulnerable to breaches • Multiple points of failure • Missed business opportunities • Inability to develop and deploy applications to users
  12. 12. Taking a Platform Approach Integrated Application and Information Security Oracle Applications Non-Oracle Applications  Reduce audit exposure  Detect and prevent threats Integrated Security Platform  Grow the business Identity Management Database Security Oracle Databases Non-Oracle Databases Savings with an integrated platform 48% vs. point solutionsSource: Aberdeen “Analyzing point solutions vs. platform” 2011
  13. 13. Oracle Identity Management Stack Complete, Innovative and Integrated Identity Governance Access Management Directory Services• Password Management • Single Sign-On & Federation • LDAP Storage• Self-Service Request & Approval • Web Services Security • Virtualized Identity Access• Roles based User Provisioning • Authentication & Fraud • LDAP Synchronization Prevention• Analytics, Policy Monitoring • Authorization & Entitlements• Risk-based Access Certification • Access from Mobile Devices Platform Security Services Identity Services for Developers
  14. 14. Oracle Database Security Complete Defense in Depth and Transparent to Applications Auditing, Monitoring Access Control Transparent Encryption and Protection Management and Masking• Monitor database network activity • Privileged database user controls • Transparently encrypt application data• Accurately detect and block SQL • Fine-grained authorization injection and other threats enforce who, where, when, and • Protect from unauthorized OS how level or network access• Consolidate audit data, alert, report • Securely consolidate databases • Built-in key lifecycle management• Secure configuration • Data classification access control • Mask sensitive data for management non-production Oracle Database Security
  15. 15. Oracle Security Solutions• Complete, Open and Integrated• Innovative, Scalable and Modernized• Simplified and Actionable Compliance