2. This document is for informational purposes. It is not a commitment
to deliver any material, code, or functionality, and should not be relied
upon in making purchasing decisions. The development, release,
and timing of any features or functionality described in this document
remains at the sole discretion of Oracle. This document in any form,
software or printed matter, contains proprietary information that is the
exclusive property of Oracle. This document and information
contained herein may not be disclosed, copied, reproduced or
distributed to anyone outside Oracle without prior written consent of
Oracle. This document is not part of your license agreement nor can
it be incorporated into any contractual agreement with Oracle or its
subsidiaries or affiliates.
3. Agenda
• Barriers to Cloud Adoption
• Security Gaps Between Enterprise and Cloud
• Oracle Identity Management
• Case Studies
• Summary
6. Security is the #1 Barrier to Cloud Adoption
87% Security main barrier to
cloud adoption
Source: IDC Enterprise Panel, 3Q09
52% Concerned with trusting
an outside 3rd party
Source: IDC Cloud Security Survey 2011`
41% Fear a security breach
from use of security SaaS
Source: IDC Cloud Security Survey, 2011
Cloud Computing saves costs but
reduces control, visibility and trust
40% Compliance concerns
prevent use of SaaS
Source: IDC Cloud Security Survey, 2011
7. The Cloud Security Continuum
HIGH
MED-
HIGH
Public Cloud
RISK
Private Hosted Cloud
MED-
LOW
Private In House Cloud Cloud computing increases
LOW risk and decreases control
Enterprise
CONTROL
HIGH LOW
1990 1995 2000 2005 2008
8. Security Gap Between the Enterprise and Cloud
Private In-House Cloud
c
Private In House Cloud Private Hosted Cloud Public Cloud
Benefits Use Cases Challenges
• Cloud for internal use • Leverage reusable identity • Insider Threats
• Scales to large functions for new apps
• Privileged User Access
departments • Meter departmental app Control
• Security enforced by IT usage
• Role based Access
• Access Governance
8
9. Security Gap Between the Enterprise and Cloud
Private Hosted Cloud
Private In House Cloud Private Hosted Cloud Public Cloud
Benefits Use Cases Challenges
• Hosted cloud for enterprise use • Deploy a massively • Integration can be complex
• Scales to several large scalable directory service
• Adding capacity can be
organizations • Deploy layered security for costly
• Identity management sensitive applications
outsourced
9
10. Security Gap Between the Enterprise and Cloud
Public Cloud
Private In House Cloud Private Hosted Cloud Public Cloud
Benefits Use Cases Challenges
• Access anytime anywhere • Rapid installation • Shared environment
• Scales to millions of users • Access applications from increases risk
• Pay as you grow mobile devices • Security silos
• Upgrades with zero • Jurisdictional issues
downtime
10
11. Risk and Fragmentation Increase Latency
• Security silos result in policy
fragmentation
• Multiple points of failure
• Security gaps increase vulnerability
LATENCY
to breaches
• Poor response to threats
RISK • Latency increases with
fragmentation
• Inability to develop and deploy
applications and users
FRAGMENTATION
13. Dimensions of Cloud Identity Management
Are you building Do you need IdM but don’t
Are you using cloud c want to maintain it?
apps? c cloud apps?
Identity as a Identity as a Identity Hosted as
Bridge to Cloud Foundation for Cloud a Cloud Service
14. Authentication and SSO
• Access anytime, anywhere from
any device
• Mobile authentication, SSO and
access control
• Connect Internet and Social
identities to enterprise identity
• Seamless integration and control
with enterprise
15. Federated Standards
• Multiple standard support for
authentication to multiple clouds
• SAML
Employees/ Social
Networks
• OAuth
Contractors
• OpenID
• WS-Fed
• Accelerated on boarding of
partners and service providers
Partners/ SaaS
Subsidiaries Applications
17. Context-Aware Security and Fraud Prevention
User: Jdoe • Location aware
Paswd:1happycat$
User: Jdoe • Device aware
Paswd:1happycat$
Entitlement
Policy
• Entitlements based
User: Jdoe • Enterprise control
Paswd:1happycat$
• Full audit
Filtered
Private Data
Trust but Verify:
Limit Access by Policy
18. User Provisioning and Role Management
• User lifecycle
management for on-
premise and SaaS
applications
• Self-service
provisioning and
Roles,
Users Apps
Entitlements request mgmt
• Flexible – Roles, rules
and policies
Managers
19. Audit and Compliance
• Access certification
• Risk scoring
• Privileged access
control
• Workflow remediation
• Business views
Audit Reporting
Actionable Intelligence
20. Oracle Identity Management Platform
Bridges the Gap
Fraud
Adaptive Access
Identity Admin and
Administration • DetectionRisk
Context /
Governance Reduces risk and
Aware
• Role Mgmt
Access Consolidates user • latency bydetection
Anomaly
Access • Provisioning preventing fraud in
Management roles and • real timecertification
Access
Directory • Single-sign on • Identity Analytics
entitlements and
Scalable Repository
Services Overcomes security reduces risk
• Identity Synch
Reduces latency silos by centralizing • Certification
• Password policy
• and fragmentation
Identity and consolidating
• Authorization Risk Management
Virtualization
by consolidating security policies.
Audit
• identity data
Reporting
Administration
AuthN and AuthZ
Identity
Tools Point Solutions Platform Intelligence
21. Oracle Identity Management Is Cloud-Ready
Partners
Social Networks
SaaS Apps
On Premise Apps Desktop/Mobile
22. Case Study: Citizens Bank
Identity consumed as a service example
COMPANY OVERVIEW RESULTS
• A large commercial bank holding company headquartered in NA • 75% of users were deployed in less than 1
• Over 20K employees and operates nearly 1500 branches and 4000 week
ATMs all over North America
• Single solution now delivers anti-phishing,
CHALLENGES/OPPORTUNITIES anti-malware and fraud detection
• Needed to secure PeopleSoft application with multi-factor • Deployment is cost effective and included
authentication for a financial services customer
layered multifactor authentication
• Wanted to avoid costly registration schemes and proprietary hardware
• Wanted to protect customers ‘ identities and preserve brand value by
preventing phishing attacks
SOLUTION
• Leveraged Oracle Adaptive Access Manager as a hosted solution from
Oracle On Demand
23. Case Study: Sasktel
Identity as a Service Example
COMPANY OVERVIEW RESULTS
• A leading Canadian full service communications provider in the • Displaced legacy SiteMinder solution with
Province of Saskatchewan with nearly 5000 employees Oracle Identity and Access Management
• Offers a wide range of communications products and services including • Monetized capital investments by offering
voice, data, Internet, entertainment, security monitoring, messaging, Oracle Identity and Access Management Suite
cellular, wireless data and directory services to general public as a cloud services
CHALLENGES/OPPORTUNITIES • Reduced internal opex and capex
• A number of legacy technologies had to be refreshed to cut down
operational expenses and increase scope of capabilities
• Nearly a half million customers accessing Sasktel’s services from a
wide variety of devices demanded self service
SOLUTION
• Leveraged Oracle Identity and Access Management Suite
24. Case Study: Oracle Public Cloud
Security and Identity Management Service
Identity Management
in the Cloud
• Built on Oracle Identity Management
• Single Sign-On and Federation
• Multi-factor authentication
• Fully Delegated Administration
26. Oracle Identity Management Platform Reduces Cost
Oracle IAM Suite
Benefits
Advantage
48% Cost Savings
Increased End-
User Productivity
Reduced Risk
• Emergency Access
• End-user Self Service
• 11% faster
• 30% faster
• Suspend/revoke/de-
46%
• 46% faster
More provision end user access
Responsive Enhanced Agility • Integrate a new app faster
with the IAM infrastructure • 64% faster
35% Fewer Audit • Integrate a new end user • 73% faster
role faster into the solution
Deficiencies
Enhanced • Reduces unauthorized
• 14% fewer
Security and access
Compliance • 35% fewer
• Reduces audit deficiencies
Reduced Total • Reduces total cost of IAM
• 48% lower
Cost initiatives
Source: Aberdeen “Analyzing point solutions vs. platform” 2011
27. Oracle Identity Management
Summary
• Complete, Open and Integrated
• Innovative, Scalable and Modernized SaaS
PaaS
IaaS
• Identity Management for Enterprise.
Cloud, Mobile and Social environments
• Simplified, Actionable Compliance
28. Learn More
Join the Oracle IDM
Contact Community
• Normand Sauvé • www.oracle.com/identity
• Normand.sauve@oracle.com
• twitter.com/OracleIDM
• Call 1-800-672-2537
• facebook.com/OracleIDM
• Blogs.oracle.com/OracleIDM