Monday Apr 29, 2013

Centrica webcast follow up - key takeaways and Q&A

Thank you to everyone that joined us on Thursday, April 25, 2013 for the Centrica webcast.  Chris Wilton, Senior Project Manager at Centrica, and Ben Bulpett from aurioPro SENA were the guest speakers.

If you missed the webcast, you can register for the replay here: Centrica Webcast Replay

Here are a few of the key takeaways that were discussed during the webcast:

Key Business Drivers:

  • Centrica needed to simplify log on to SAP, which is a critical business app
  • Wanted to reduce the number of passwords
  • Wanted to automate password resets
  • Wanted to reduce the number of helpdesk calls
  • Centrica wanted to be able to rapidly deprovision accounts for users that leave the organization

Cenrtrica wanted contingency plans in place should an ESSO outage occur

Centrica and aurionPro SENA used several Oracle products were used to achieve the desired results, some in place before this project.  They include:

Oracle Access Manager (OAM), Oracle Virtual Directory (OVD), Oracle Identity Manager (OIM), and Oracle Identity Federation (OIF)

 The project was completed in 60 days and provided a ESSO capability for HR and Payroll, with the ability to add additional applications in the future.  Over 45,000 internal and external users now have access provided by this system.

Here are some additional questions and answers related to this project:

Who sponsored the project within Centrica?

The project was initially sponsored by the Head of IS Power Generation, due to the number of passwords that Power Station staff were required to remember. However, as the requirement for a truly enterprise solution became more pressing, the sponsorship moved into the SAP Competency Centre.

Why did Centrica embark on another Identity Project after the original implementation?

The initial identity project did not implement federated identity, partially as there was an existing SSO solution within the British Gas business and there was not a requirement for an enterprise solution at the time the original ID project was put in place. Once the requirement was there to look at SSO on an enterprise level, leveraging the existing work that had been done.

How is the system managed and what service levels are required?

The solution is managed by our colleagues in British Gas, with the support element currently being undertaken by Infosys. Availability is as per the main IAM solution, with 99.5% availability and 24x7 support in place. RTO 30mins RPO 15mins

If you were to embark on the project again knowing what you do what would you change?

The intergration with the SAP Netweaver Portal v7.3 was the most challenging part of the project – we were unable to find any other company that had configured SAP Netweaver 7.3 to accept SAML 2 and initially didn’t have the necessary knowledge or resources to be able to implement this to begin with. Through a mix of extensive reading, coupled with trial and error, we were able to integrate the system. Specialist resourcing on the SAP side of things was the biggest lesson we took forward from this.

Wednesday Apr 24, 2013

What is Your Cloud Security Forecast?

Photo courtesy:

You don’t like losing control – that is human nature. In your personal life or professional – whether you are an IT architect, a manager, developer, a DBA or an executive, you never like losing control or not knowing a situation or an outcome. But a cloud deployment is exactly that – where you don’t have a 100% control over or insight into the security framework that govern your applications or data in the cloud.

The problem is further exacerbated with latency and fragmentation. If it is not the same security policies that govern your enterprise infrastructure and your cloud deployment, duplicating security policy data in multiple places will complicate policy enforcement. Fragmentation, in turn, creates latency where a change in the system is not detected or acted upon immediately making your cloud systems vulnerable. If, for example, your employee changes jobs, unless the HR system is immediately able to trigger a revocation alert/workflow across all the applications and systems – both in-house and in the cloud, you may have inadvertently allowed unauthorized (and potentially damaging) access to your applications and data.

Of course, then there is audit and compliance. If you are a financial institution your cloud has to provide reporting to address the BASEL 2 requirements or you will incur financial penalties. If your cloud hosts your General Ledger – your cloud has to provide Sarbanes Oxley (SOX) certification. If your customers are in Europe, your cloud has to comply with the European data privacy directive. How do organizations, such as yours, provide timely compliance reporting and remediation if you don’t have visibility or if recent actions aren’t immediately recorded. Fragmentation and latency, thus, impact audit and compliance reporting. Simply put, if you don’t know about it, you can’t accurately report on it.

So, if fragmentation and latency are the issues, a standardized platform must be the antidote! Having a complete, standardized security and identity management platform will allow you to enforce uniform security policies across all your resources – on-premise or hosted. A platform approach implies seamless integration within components thereby getting rid of security and identity silos. A platform approach implies interoperability so that the framework works for your complete heterogeneous infrastructure. A platform approach affords scalability- you can support thousands or millions of users across the myriad of resources. You can scale to what the new digital experience requires!

Thanks to Oracle’s large and advanced customer base, the company realized the rationale for the platform approach to Security and Identity Management early on. Oracle offers the industry’s first Identity Management platform that is proven to be extensible enough to support your internet scale.

Learn more about Oracle’s platform approach to Identity Management and how you can leverage Identity services at internet scale. Download the free whitepaper today.

And for more information and resources, visit Oracle Identity Management on today.

Monday Apr 22, 2013

Addressing the Top 5 Cloud Security Challenges

As we talk to organizations around the world, it is clear that most consider Cloud as the biggest opportunity today to reduce cost. To any organization, cloud offers numerous advantages – business agility, reduced operational costs, scalability, improved performance and more. With cloud deployments ranging from private to hybrid to public, the scale of benefits vary but so do the risks.

Going up the cloud continuum from on-premise to private to hybrid and then public cloud, IT’s control and visibility into security policies decreases.

Private clouds give organizations greater control over security and data privacy, compliance, and also quality of service, since private clouds can manage network bandwidth and implement optimizations that public clouds don’t allow. But much like your enterprise, risks arise from privileged access and insider threats. In the public cloud, policies are managed by an outside 3rd party which is the cloud service provider. A shared environment in the public cloud also causes security and compliance concerns. A hybrid cloud, by its very definition, encapsulates both the benefits and the risks of both the private and public clouds.

As we move through the spectrum, security policies get more and more fragmented as we duplicate policy data in multiple places. Consequently, latency also increases and risk increases exponentially. Add to that the compliance and governance issues and it is no wonder that Security continues to be the #1 barrier in cloud adoption. In fact, according to the “Private Cloud Vision vs. Reality”, InformationWeek Report, 2012, 82% of organizations say security and data privacy concerns are one of the main reasons they are phasing out, or have decided to not use, public cloud.

So, where best to focus your efforts so as to leverage cloud without risking security? A recent CSO Online survey of Chief Security officers found that the top 5 security concerns for cloud were all related to mobile data access, regulatory compliance and managing access to the data and the applications i.e., Identity Management.

Organizations that move applications into the cloud have to bridge the gap between the enterprise and the cloud by providing standardized security framework around data security and application access. Take some time to watch this brief screencast and learn how you can manage security risks, address governance issues while unlocking the full potential of the cloud.

Thursday Apr 18, 2013

Centrica drives down operational cost by implementing Single Sign On using Oracle IDM

Centrica Plc is an integrated energy company operating in 7 countries including the U.K. and U.S. that supplies electricity and gas for 30 million consumer and business customers.

In an effort to drive down operational costs due to password resets for their critical business applications, Centrica engaged aurionPro SENA to help them explore the most cost effective options.

The project goals were to:

  • simplify user log on to SAP
  • reduce the number of passwords
  • automate password resets
  • reduce the number of help desk calls (related to password issues)

To find out more about the Enterprise Single Sign on system designed and implemented for this project, join us on April 25, 2013 @ 10:00 am PST for a webcast featuring Chris Wilton, Senior Project Manager at Centrica, Ben Bulpett, Alliances and Enterprise Account Director at aurionPro SENA, and myself (Darin Pendergraft, Product Marketing, Oracle)

We will discuss the project and will have an opportunity for live Q&A.

Click Here to Register! 

Tuesday Apr 16, 2013

5th Annual EMEA Customer Advisory Board held in Vienna, March 18 - 20, 2013

This year the EMEA Customer Advisory Board (CAB) was held in the beautiful city of Vienna, Austria.  Representatives from Oracle product management and engineering teams met with customers from all over Europe to discuss market trends, product direction, and to get feedback on current products.

Day 1 focused on updates since the last CAB meeting, including the launch of 11gR2, the state of the IDM business, and featured updates from the Directory Team, the Access Management Team and the Identity Governance team.

Day 2 contained moderated discussions focusing on Mobile Identity Management, Cloud Identity Management, and Enterprise IDM.  The first of three customer presentations was delivered by Vodafone Romania who discussed how they are using Oracle IDM.

Day 3 contained customer presentations by BT and Turkcell, followed by breakout sessions, on topics ranging from risk management to upgrade & migration strategies.

Overall, this CAB was a very big success, and proved beneficial to both the Oracle Product Teams who collected valuable feedback from customers, and for customers to hear directly from the product teams about upcoming product road maps and direction.  Several customers also mentioned that they really enjoyed hearing about other customers' implementations and plans.

Thank you to all that attended, and a special thank you to those customers that presented! 

Friday Apr 05, 2013

Yarra Valley Water utilizes Oracle Identity Management

Yarra Valley Water (YVW) is the largest of Melbourne’s three water retail businesses. Owned by the State Government of Victoria (Australia), YVW provides water supply and sewerage services to over 1.7 million people and over 50,000 businesses in Melbourne’s northern and eastern suburbs, including some recycled water and trade waste customers.

YVW needed to automate account provisioning for both its partners and end users so that they have easy yet secure online access to YVW applications. Check out this video to find out more about YVW’s use case and how Oracle Identity Management helped.


Oracle Identity Management is a complete and integrated next-generation identity management platform that provides breakthrough scalability; enables organizations to achieve rapid compliance with regulatory mandates; secures sensitive applications and data regardless of whether they are hosted on-premise or in a cloud; and reduces operational costs. Oracle Identity Management enables secure user access to resources anytime on any device.


« April 2013 »