Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Platform approach-series-building a-roadmap-finalv1


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Platform approach-series-building a-roadmap-finalv1

  1. 1. <Insert Picture Here>Building a Comprehensive Identity Roadmap
  2. 2. This document is for informational purposes. It is not a commitmento deliver any material, code, or functionality, and should not be relie pon in making purchasing decisions. The development, release, nd timing of any features or functionality described in this documen emains at the sole discretion of Oracle. This document in any form oftware or printed matter, contains proprietary information that is th xclusive property of Oracle. This document and information ontained herein may not be disclosed, copied, reproduced or istributed to anyone outside Oracle without prior written consent ofOracle. This document is not part of your license agreement nor ca be incorporated into any contractual agreement with Oracle or its ubsidiaries or affiliates.
  3. 3. Agenda •  Getting Started •  Roadmap Complexity •  Quick Wins •  Increasing Maturity •  The Cloud
  4. 4. Building a Roadmap is ComplicatedIt’s Task of Prioritization and Opportunity Overlap Business vs. Compliance Application vs. Owners Risk Timeline Multiple & Priorities Deliverables
  5. 5. Assess The Business OpportunityCompliance, Risk and Economic Opportunities Security Efficiency Scale 3Xulatory Compliance   User Productivitynal Governance   Operational Cost   New Customersurity Risk   Opportunity Cost   Quality of Servi
  6. 6. Look at Top Regulatory Audit Exposures who •  Aggregation of •  Enforcing •  Review •  Conflictiseparated access strong regulated privilegeave privileges passwords application busines nts beyond job role regular user access and firewall password reset attestationed Excessive Password Access Separatiots Access Aging Certification of Duties out of 10 customers tackle the orphaned account issue first ook at role management and analytics to address certificationRole based provisioning to address excessive access
  7. 7. Assess Existing InfrastructureGap of Current Capability vs. Desired Capabilityinistration Authentication Authorization Audit-boarding •  Sign-on •  Declarative •  Entitlement-boarding security review •  Password agingf-service •  Fine-grained •  Role lifecycle •  Web-SSO entitlementsvileged •  Access •  Password •  Federatedcess remediation management accessegatedmin
  8. 8. Roadmap Capabilities to Maturity Prioritize on Complexity and ControlControl Risk Analytics External User Lifecycle Role Management SOA Sec User Self Service Adaptive Access Single-Sign On Password Management Master User Index Central Authentication Complexity LOW HIGH
  9. 9. Start with Figuring out Who’s Who Corporate Directories are Low Hanging Fruit for Convergence Opportunities uce number of separate identity silos Virtualansion Shared Services vs. LOB ITmpliance and Security Requirements Business Affiliates/ Subsidiaries Storage Synch Corporate LDAP “Convergence drives Unificat Customer LDAP •  Lower TCO Employees/Partners/ Customers Extranet LOB •  Lower Administration Effort LDAP •  Improved User Experience
  10. 10. Passwords Provide Quick WinQuick ROI on Compliance and Reduce Risk 140% 12 months ROI Payback period 50% Of Help Desk Calls are Password Related $40 Average Cost of Every Call to Help Desk Change Password Source: ESSO Buyer’s Guide:, Sep 2011 86% Of Hacking Involve Lost, Stole or Weak Credentials Verizon Data Breach Report , 2010 Link:
  11. 11. Address Internal GovernanceAdministration and Risk Analytics  Accountability for access User  Measuring effectiveness & risk Provisioning  Prevent audit violations  Sustainable audit process Certificatio  Coverage across systems Review
  12. 12. Declarative Security & External AuthorizationSecure SOA, Portals, Data and Home Grown Apps •  •  Protect Your Data •  App •  Secure Transactions •  •  Central Audit Control App •  •  SoD Checking •  •  Role Based Access •  App
  13. 13. Administration: Connect it AllShopping Cart Convenience •  User Satisfaction •  Reduce Helpdesk Cos •  Audit Trail Roles, •  Track Access Privilege Entitlements,og Apps •  Standardize Workflow Cart •  Simplify New Service Rollout Users Managers
  14. 14. Become Context Aware Prevent and Detect Anomalous Behavior Reducing Surface Area of Attacks 89% Preventable Breaches ROI Payback period Total benefits Total costs Net benefits 106% 12.1 months $6,007,641 ($2,912,513) $3,095,129ource: “Adaptive Access Management: An ROI Study” a commissioned study conducted by IDC on behalf of Oracle, 2010
  15. 15. Dimensions of Cloud Identity Management Are you building Do you need IdM but done you using cloud c want to maintain it? apps? c cloud apps?dentity as a Identity as a Identity Hosted aidge to Cloud Foundation for Cloud a Cloud Service
  16. 16. dentity Management Bridges the Gap Adaptive Accessd •  Context / Risk Aw Administration •  Anomaly Detectio •  Role Mgmt •  Fraud Detection •  Provisioningd Cloud Access •  Identity Analytics •  Single-sign on •  Certification Scalable Repository •  Password policy •  Identity Synch •  Authorization policy •  Entitlements Risk Managem •  Identity Virtualizationuse Cloud •  Reporting Audit Administration AuthN and AuthZ Identity Tools Point Solutions Platform Intellige
  17. 17. Summaryrioritize Based on Complexityssess Existing Infrastructureook For Quick Winslan For Cloud
  18. 18.