Oracle Security: Bridging the gap between enterprise and cloud


Published on

How Oracle is helping Enterprise move to the Cloud securily with Security Solutions

Published in: Technology, Business
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Oracle Security: Bridging the gap between enterprise and cloud

  1. 1. Bridging the Security Gap Between the Enterprise and Cloud Sponsored by1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 8
  2. 2. This document is for informational purposes. It is not a commitmentto deliver any material, code, or functionality, and should not be reliedupon in making purchasing decisions. The development, release,and timing of any features or functionality described in this documentremains at the sole discretion of Oracle. This document in any form,software or printed matter, contains proprietary information that is theexclusive property of Oracle. This document and informationcontained herein may not be disclosed, copied, reproduced ordistributed to anyone outside Oracle without prior written consent ofOracle. This document is not part of your license agreement nor canit be incorporated into any contractual agreement with Oracle or itssubsidiaries or affiliates.
  3. 3. Agenda•  Barriers to Cloud Adoption•  Security Gaps Between Enterprise and Cloud•  Oracle Identity Management•  Case Studies•  Summary
  4. 4. Oracle Cloud Offerings – Identity Management Private Cloud Products Private & Public Cloud Services Applications Oracle Cloud Services Oracle Public Cloud Oracle Applications Fusion Fusion Oracle Oracle Applications HCM Cloud CRM Cloud Social On Demand Service Service Network Platform as a Service Cloud Control SOA Suite & Data Integration Identity & WebCenter User Oracle Enterprise Manager BPM Suite & GoldenGate Access Mgmt EngagementCloud Management Middleware On Demand Cloud Application Foundation: WebLogic Server, Exalogic On Demand Oracle Java Cloud Service Coherence, JRockit, Exalogic Elastic Cloud Oracle Database, MySQL, Database On Demand Oracle Database Cloud Service Exadata Database Machine Exadata On Demand Infrastructure as a Service Oracle Solaris Oracle Linux Ops Center Oracle VM for SPARC (LDom) Oracle VM for x86 Solaris Zones Servers, SuperCluster Storage Network Fabric 4 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  5. 5. Video – “Auction”
  6. 6. Security is the #1 Barrier to Cloud Adoption 87% Security main barrier to cloud adoption Source: IDC Enterprise Panel, 3Q09 52% Concerned with trusting an outside 3rd party Source: IDC Cloud Security Survey 2011` 41% Fear a security breach from use of security SaaS Source: IDC Cloud Security Survey, 2011Cloud Computing saves costs butreduces control, visibility and trust 40% Compliance concerns prevent use of SaaS Source: IDC Cloud Security Survey, 2011
  7. 7. The Cloud Security ContinuumHIGHMED-HIGH Public Cloud RISK Private Hosted CloudMED-LOW Private In House Cloud Cloud computing increasesLOW risk and decreases control Enterprise CONTROL HIGH LOW 1990 1995 2000 2005 2008
  8. 8. Security Gap Between the Enterprise and Cloud Private In-House Cloud c Private In House Cloud Private Hosted Cloud Public Cloud Benefits Use Cases Challenges •  Cloud for internal use •  Leverage reusable identity •  Insider Threats •  Scales to large functions for new apps •  Privileged User Access departments •  Meter departmental app Control •  Security enforced by IT usage •  Role based Access •  Access Governance8
  9. 9. Security Gap Between the Enterprise and Cloud Private Hosted Cloud Private In House Cloud Private Hosted Cloud Public Cloud Benefits Use Cases Challenges•  Hosted cloud for enterprise use •  Deploy a massively •  Integration can be complex•  Scales to several large scalable directory service •  Adding capacity can be organizations •  Deploy layered security for costly•  Identity management sensitive applications outsourced9
  10. 10. Security Gap Between the Enterprise and Cloud Public Cloud Private In House Cloud Private Hosted Cloud Public Cloud Benefits Use Cases Challenges •  Access anytime anywhere •  Rapid installation •  Shared environment •  Scales to millions of users •  Access applications from increases risk •  Pay as you grow mobile devices •  Security silos •  Upgrades with zero •  Jurisdictional issues downtime10
  11. 11. Risk and Fragmentation Increase Latency •  Security silos result in policy fragmentation •  Multiple points of failure •  Security gaps increase vulnerabilityLATENCY to breaches •  Poor response to threats RISK •  Latency increases with fragmentation •  Inability to develop and deploy applications and users FRAGMENTATION
  12. 12. Identity Management Bridges the Gap Adaptive Access Public Cloud •  Context / Risk Aware Administration •  Anomaly Detection •  Role Mgmt •  Fraud Detection •  ProvisioningPrivate Hosted Cloud Access •  Identity Analytics •  Single-sign on •  Certification •  Password policy Scalable Repository •  Authorization policy •  Identity Synch •  Entitlements Risk Management •  Identity VirtualizationPrivate In-House Cloud •  Reporting Audit Administration AuthN and AuthZ Identity Enterprise Tools Point Solutions Platform Intelligence
  13. 13. Dimensions of Cloud Identity Management Are you building Do you need IdM but don’tAre you using cloud c want to maintain it? apps? c cloud apps? Identity as a Identity as a Identity Hosted asBridge to Cloud Foundation for Cloud a Cloud Service
  14. 14. Authentication and SSO •  Access anytime, anywhere from any device •  Mobile authentication, SSO and access control •  Connect Internet and Social identities to enterprise identity •  Seamless integration and control with enterprise
  15. 15. Federated Standards •  Multiple standard support for authentication to multiple clouds •  SAMLEmployees/ Social Networks •  OAuthContractors •  OpenID •  WS-Fed •  Accelerated on boarding of partners and service providers Partners/ SaaSSubsidiaries Applications
  16. 16. Authorization •  Centralized Policy Centralized Policy Enforcement Administration •  Distributed Real-time Policy Execution •  Standards-based policies: XACML, RBAC, ABAC, JAASEvaluate Policies and Policy Enforcement for Enforce Access Apps, Middleware and Databases
  17. 17. Context-Aware Security and Fraud Prevention User: Jdoe •  Location aware Paswd:1happycat$ User: Jdoe •  Device aware Paswd:1happycat$Entitlement Policy •  Entitlements based User: Jdoe •  Enterprise control Paswd:1happycat$ •  Full audit Filtered Private Data Trust but Verify: Limit Access by Policy
  18. 18. User Provisioning and Role Management •  User lifecycle management for on- premise and SaaS applications •  Self-service provisioning and Roles, Users Apps Entitlements request mgmt •  Flexible – Roles, rules and policies Managers
  19. 19. Audit and Compliance •  Access certification •  Risk scoring •  Privileged access control •  Workflow remediation •  Business views Audit ReportingActionable Intelligence
  20. 20. Oracle Identity Management PlatformBridges the Gap Fraud Adaptive Access Identity Admin and Administration •  DetectionRisk Context / Governance Reduces risk and Aware •  Role Mgmt Access Consolidates user •  latency bydetection Anomaly Access •  Provisioning preventing fraud in Management roles and •  real timecertification Access Directory •  Single-sign on •  Identity Analytics entitlements and Scalable Repository Services Overcomes security reduces risk •  Identity Synch Reduces latency silos by centralizing •  Certification •  Password policy • and fragmentation Identity and consolidating •  Authorization Risk Management Virtualization by consolidating security policies. Audit • identity data Reporting Administration AuthN and AuthZ Identity Tools Point Solutions Platform Intelligence
  21. 21. Oracle Identity Management Is Cloud-Ready PartnersSocial Networks SaaS Apps On Premise Apps Desktop/Mobile
  22. 22. Case Study: Citizens Bank Identity consumed as a service exampleCOMPANY OVERVIEW RESULTS•  A large commercial bank holding company headquartered in NA •  75% of users were deployed in less than 1•  Over 20K employees and operates nearly 1500 branches and 4000 week ATMs all over North America •  Single solution now delivers anti-phishing,CHALLENGES/OPPORTUNITIES anti-malware and fraud detection•  Needed to secure PeopleSoft application with multi-factor •  Deployment is cost effective and included authentication for a financial services customer layered multifactor authentication•  Wanted to avoid costly registration schemes and proprietary hardware•  Wanted to protect customers ‘ identities and preserve brand value by preventing phishing attacksSOLUTION•  Leveraged Oracle Adaptive Access Manager as a hosted solution from Oracle On Demand
  23. 23. Case Study: Sasktel Identity as a Service ExampleCOMPANY OVERVIEW RESULTS•  A leading Canadian full service communications provider in the •  Displaced legacy SiteMinder solution with Province of Saskatchewan with nearly 5000 employees Oracle Identity and Access Management•  Offers a wide range of communications products and services including •  Monetized capital investments by offering voice, data, Internet, entertainment, security monitoring, messaging, Oracle Identity and Access Management Suite cellular, wireless data and directory services to general public as a cloud servicesCHALLENGES/OPPORTUNITIES •  Reduced internal opex and capex•  A number of legacy technologies had to be refreshed to cut down operational expenses and increase scope of capabilities•  Nearly a half million customers accessing Sasktel’s services from a wide variety of devices demanded self serviceSOLUTION•  Leveraged Oracle Identity and Access Management Suite
  24. 24. Case Study: Oracle Public CloudSecurity and Identity Management Service Identity Management in the Cloud •  Built on Oracle Identity Management •  Single Sign-On and Federation •  Multi-factor authentication •  Fully Delegated Administration
  25. 25. Case Study: Oracle On Demand Cloud Services Identity as a Hosted Cloud Service Example•  Offers Hosted Strong Auth, Provisioning, SSO, and Directory Integration 12+ years as premier cloud provider 5.5 million satisfied end-users•  Enterprise-grade performance, 20+ patented and patent pending technologies security, and availability 14,000 Oracle Service experts 2,000+ Critical Patch Updates proactively applied annually 2x Faster service request resolution time•  End-to-end cloud service portfolio 64% Reduction in downtime for upgrades Secure and Compliant: ISO 27001, ISO 27002, HIPAA, ISAE 3402 / SSAE 16, NIST, DIACAP, PCI, 21 CFR Part 11 25 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  26. 26. Oracle Identity Management Platform Reduces Cost Oracle IAM Suite Benefits Advantage48% Cost Savings Increased End- User Productivity Reduced Risk •  Emergency Access •  End-user Self Service •  11% faster •  30% faster •  Suspend/revoke/de-46% •  46% faster More provision end user access Responsive Enhanced Agility •  Integrate a new app faster with the IAM infrastructure •  64% faster35% Fewer Audit •  Integrate a new end user •  73% faster role faster into the solution Deficiencies Enhanced •  Reduces unauthorized •  14% fewer Security and access Compliance •  35% fewer •  Reduces audit deficiencies Reduced Total •  Reduces total cost of IAM •  48% lower Cost initiatives Source: Aberdeen “Analyzing point solutions vs. platform” 2011
  27. 27. Oracle Identity Management Summary•  Complete, Open and Integrated•  Innovative, Scalable and Modernized SaaS PaaS IaaS•  Identity Management for Enterprise. Cloud, Mobile and Social environments•  Simplified, Actionable Compliance
  28. 28. Learn More Join the Oracle IDM Contact Community•  Normand Sauvé •• ••  Call 1-800-672-2537 • •
  29. 29. Q&A