Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (18)
Andere mochten auch
Andere mochten auch (20)
Ähnlich wie A better waytosecureapps-finalv1
Ähnlich wie A better waytosecureapps-finalv1 (20)
Mehr von OracleIDM
Mehr von OracleIDM (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
A better waytosecureapps-finalv1
- 1. <Insert Picture Here> Better Way to Secure Financial Services Applications Amit Jasuja Group Vice President, Identity Management, Oracle
- 2. This document is for informational purposes. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described in this document remains at the sole discretion of Oracle. This document in any form, software or printed matter, contains proprietary information that is the exclusive property of Oracle. This document and information contained herein may not be disclosed, copied, reproduced or distributed to anyone outside Oracle without prior written consent of Oracle. This document is not part of your license agreement nor can it be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates.
- 3. Agenda • The Oracle Lens • Application Security Value Chain • A Platform Approach
- 4. Financial Service Applications Risks 48% 86% Fraud Caused By Of hacking involves Insiders compromised credentials Unauthorized Trading No Policy Visibility Hardcoded Security Internal Fraud Complex Certification No Role Structure Limited Forensics Costly Compliance Brittle Access Control 2010 Data Breach Investigations Report
- 5. Entitlements And Policies The Rights to Application Data & Transactions IT VIEW: CAN A TRADER Entitlement SUBMIT A TRADE OF A CERTAIN SIZE AT A SPECIFC TIME OF DAY BUSINESS VIEW: WHAT IS THE AUDIT OBJECTIVE AND Transaction Data Forms THE ASSOCIATED RISK Authorization Policy
- 6. Application Security is Fragmented Multiple Brittle Hardcoded Entitlement Catalogs Access Control Authorization Inflexible authorization increases complexity, reduces agility
- 7. The Challenge is Scale Focused on Reducing Risk • A Few App Administrators Driven to Reduce Cost Rolling or Monthly Attestation • Handful of Audit Staff
- 8. What is Entitlements Management? Application Security Value Chain Define Access Enforce Audit Monitor Audit Secure Catalog Request Monitor Certify Certify Enforce Data Entitlements Search Context Risk Encrypt Policies Provision External Az Remediation Mask
- 9. Define & Catalog Enterprise Roles • Common Data Model • Catalog Entitlements Entitlements, Roles & Policies • Enrich Meta-data • Define Roles &SoD
- 10. Enforce and Monitor Context and Dynamic Authorization Audit & Risk Custom COTS Application Owners Apps Apps Developers Application Security Platform Location Time Device
- 11. Audit & Certify Entitlement • Active Conflict Analysis Report SOD Checking • Simulation Entitlement • Risk Aggregation Auto- Review Remediate Aggregate Risk Score • 360 Degree Visibility • Closed Loop Reduce Remediation Time to Minutes Instead of Days or Weeks
- 12. Secure Application Data At The Application In The Database Authorize Mask Externalize Encrypt Centralize Audit
- 13. Comprehensive Database Security Control Encrypt Data Audit User Monitor SQL Privileged Activity Users Mask Test Block Attacks Data Compliance Cloud Enforce SoD Reports Non-Oracle Databases Database Firewall Auditing Oracle Databases Encryption & Masking Authorization Authentication Defense in Depth
- 14. The Identity Platform Complete, Innovative and Integrated Identity Governance •User Lifecycle •Risk Analytics • Access Provisioning • Access Certification • Delegated Admin • Role Management Access Access Directory •Fraud Detection •Location Data • Single-Sign On • Centralized Auth • Mobile, Social Intg • Device & User Data
- 15. Platform Reduces Cost vs. Point Solutions Oracle IAM Suite Benefits Advantage • Emergency Access • 11% faster 48% Increased End- Cost Savings User Productivity • End-user Self Service • 30% faster Reduced Risk • Suspend/revoke/de-provision • 46% faster 46% end user access More Responsive Enhanced Agility • Integrate a new app faster with the IAM infrastructure • 64% faster • Integrate a new end user role • 73% faster 35% Fewer Audit Deficiencies Enhanced Security and Compliance faster into the solution • Reduces unauthorized access • 14% fewer • Reduces audit deficiencies • 35% fewer Reduced Total Cost • Reduces total cost of IAM • 48% lower initiatives Source: Aberdeen “Analyzing point solutions vs. platform” 2011
- 16. Take a Security Inside Out Approach • Reduce the risk • Reduce the cost of application security • Secure access to the “crown jewels” • Simplify administration
- 17. We Can Help Develop a Strategy Speak with Setup Free References Workshop Schedule a Develop an ROI Demonstration Analysis
Hinweis der Redaktion
- Database security has to evolve as well to become a layered solution with a defense in depth which means multiple overlapping controls Prevent access by non-database users for data at rest, in motion, and storageIncrease database user identity assuranceStrict access control to application data even from privileged usersEnforce multi-factor authorizationAudit database activity, and create reportsMonitor database traffic and prevent threats from reaching the databaseEnsure database production environment is secure and prevent driftMask sensitive data in non-production environments
- Mobile device security begins with an Identity Platform.It’s a build slide and for each block we describe what the Block does for Mobile security – perhaps for each block tell a story of a customer applying the technology to a mobile strategyFor Access--- Describe capabilities of OIC and Adaptive accessFor Directory -- Talk high scale auth -- Location services Governance -- Risk analytics & compliance-- Self service and support cost
- Link to aberdeen paper.. But most already know the story herehttp://www.oracle.com/go/?&Src=7319991&Act=11&pcode=WWMK11053701MPP015
- I want to repeat our offer to assist. The best approach is to get guidance from people who have gone through the process Speak with our customers We invite you to speak with one of our customers who has created a business case and taken a platform approach. Contact a sales rep or reach out to someone here at the event and we can discuss how to help setup a follow on conversation for you.Setup a Free WorkshopOur Sales consultants have created a repeatable workshop to help customers assess their current environment and determine how to get started. Schedule a DemonstrationThe best way to get a feel for how a platform approach works is to setup a demonstration to see all of the components running together. Develop an ROI analysis Over the course of may deployments we have collected data to examine the return on investment customers have received. We have compiled this information into an ROI tool that can be leveraged to provide a baseline . Work with our reps to help develop an ROI analysis for your environment.