Sunday Nov 03, 2013

Patients are Running out of Patience

Healthcare is in a dramatic state of change globally and the change is being driven by patients. Patients are no longer content to wait in line, endure appointment delays and stay on hold waiting for a health insurance representative. Instead, patients are demanding on-line access to physicians, joining communities with fellow patients, scheduling appointments online and resolving claims issues over email. 

To accomodate the demand for patient connectivity, providers are innovating to find new ways to collaborate with patients. To address the demand, providers are providing 24/7 access online and pioneering ways to deliver care via mobile devices -  for example using your iPhone as a heart monitor. Patient vitals can be collected before the patient even walks into the clinic. 

These new approaches promise to enhance the patient experience and reduce the cost of care. Time is money both for the patient and the provider. For insurance companies, all of this is  welcome news because it reduces un-necessary time with the physician which reduces the number of claims.  Oracle is focused on enabling and securing the experience. The video below shares the Oracle healthcare transformation story.


Friday Nov 01, 2013

The Importance of a Security Assessment - by Michael Terra, Oracle

Today's Blog was written by Michael Terra, who was the Subject Matter Expert for the recently announced Oracle Online Security Assessment.

You can take the Online Assessment here: Take the Online Assessment

Over the past decade, IT Security has become a recognized and respected Business discipline.  Several factors have contributed to IT Security becoming a core business and organizational enabler including, but not limited to, increased external threats and increased regulatory pressure. Security is also viewed as a key enabler for strategic corporate activities such as mergers and acquisitions.

Now, the challenge for senior security professionals is to develop an ongoing dialogue within their organizations about the importance of information security and how it can impact their organization's strategic objectives/mission.

The importance of conducting regular “Security Assessments” across the IT and physical infrastructure has become increasingly important. Security standards and frameworks, such as the international standard ISO 27001, are increasingly being adopted by organizations and their business partners as proof of their security posture and “Security Assessments” are a great way to ensure a continued alignment to these frameworks.

Oracle offers a number of different security assessment covering a broad range of technologies. Some of these are short engagements conducted for free with our strategic customers and partners. Others are longer term paid engagements delivered by Oracle Consulting Services or one of our partners. The goal of a security assessment, (also known as a security audit or security review), is to ensure that necessary security controls are integrated into the design and implementation of a project, application or technology.  A properly completed security assessment should provide documentation outlining any security gaps that exist in an infrastructure and the associated risks for those gaps. With that knowledge, an organization can choose to either mitigate, transfer, avoid or accept the risk.

One example of an Oracle offering is a Security Readiness Assessment:

The Oracle Security Readiness Assessment is a practical security architecture review focused on aligning an organization’s enterprise security architecture to their business principals and strategic objectives. The service will establish a multi-phase security architecture roadmap focused on supporting new and existing business initiatives.

Offering Overview

The Security Readiness Assessment will:

  • Define an organization’s current security posture and provide a roadmap to a desired future state architecture by mapping  security solutions to business goals
  • Incorporate commonly accepted security architecture concepts to streamline an organization’s security vision from strategy to implementation
  • Define the people, process and technology implications of the desired future state architecture
  • The objective is to deliver cohesive, best practice security architectures spanning multiple domains that are unique and specific to the context of your organization.

Offering Details

The Oracle Security Readiness Assessment is a multi-stage process with a dedicated Oracle Security team supporting your organization.  During the course of this free engagement, the team will focus on the following:

  • Review your current business operating model and supporting IT security structures and processes
  • Partner with your organization to establish a future state security architecture leveraging Oracle’s reference architectures, capability maps, and best practices
  • Provide guidance and recommendations on governance practices for the rollout and adoption of your future state security architecture
  • Create an initial business case for the adoption of the future state security architecture

If you are interested in finding out more, ask your Sales Consultant or Account Manager for details.

Thursday Oct 31, 2013

Take our Online Assessment to see how your IDM strategy stacks up

Recently, we launched a new online self assessment tool to help customers review their current IDM infrastructure.  This 10 question self assessment will allow you to measure the effectiveness of your IDM technology, but also business processes and security posture.

Watch the video below, and then click the "Get Started!" link embedded in the player to take the survey. (Note: the video tells you to go to our page to get started - but using the link in the video player saves you the extra step.)

At the end of the survey, you will be presented with your overall score, your security maturity ranking, and you can register to save your results and to download a comprehensive report.  The report explains each of the questions, notes your response, and makes specific suggestions.

Use this link to jump to the Online Assessment directly:  Take the assessment, and see how you rank!

Wednesday Oct 23, 2013

Oracle Identity Management Connector Overview

Oracle Identity Manager (OIM) is a complete Identity Governance system that automates access rights management, and provisions IT resources.  One important aspect of this system is the Identity Connectors that are used to integrate OIM with external, identity-aware applications.

New in OIM 11gR2 PS1 is the Identity Connector Framework (ICF) which is the foundation for both OIM and Oracle Waveset.

Identity Connectors perform several very important functions:

  • On boarding accounts from trusted sources like SAP, Oracle E-Business Suite, & PeopleSoft HCM
  • Managing users lifecycle in various Target systems through provisioning and recon operations
  • Synchronizing entitlements from targets systems so that they are available in the OIM request catalog
  • Fulfilling access grants and access revoke requests
  • Some connectors may support Role Lifecycle Management
  • Some connectors may support password sync from target to OIM

The Identity Connectors are broken down into several families:

The BMC Remedy Family

  • BMC Remedy Ticket Management
  • BMC Remedy User Management

The Microsoft Family

  • Microsoft Active Directory
  • Microsoft Active Directory Password Sync
  • Microsoft Exchange

The Novell Family

  • Novell eDirectory
  • Novell GroupWise

The Oracle E-Business Suite Family

  • Oracle e-Business Employee Reconciliation
  • Oracle e-Business User Management

The PeopleSoft Family

  • PeopleSoft Employee Reconciliation
  • PeopleSoft User Management

The SAP Family

  • SAP Employee Reconciliation
  • SAP User Management

The UNIX Family

  • UNIX Telnet

As you can see, there are a large number of connectors that support apps from a variety of vendors to enable OIM to manage your business applications and resources.

If you are interested in finding out more, you can get documentation on these connectors on our OTN page at:

Tuesday Oct 22, 2013

Enjoy Cloud Odyssey The Oracle Movie

If you attended Open World you may have seen the promotions for a new movie produced by Oracle. The movie is called Cloud Odyssey and it chronicles the journey of a hero to the cloud. The movie is an animated sci-fi adventure. This movie will be played at Oracle events around the world so you may soon get an invite to attend. Interesting approach to telling the cloud story. For many IT organizations, the journey to the cloud is a major initiative for end users. I am sure Homer would be proud. In fact perhaps if it is successful, I am hopeful we may see a cloud Iliad. 

Below, I have embedded a trailer to the movie for your viewing pleasure. While it clearly is not the next Iron Man, it is intriguing. Hope you enjoy. 

Thursday Oct 17, 2013

Two views of Federation: inside out, and outside in

I always think of Star Fleet when I hear Federation!

IDM customers that I speak to have spent a lot of time thinking about enterprise SSO - asking your employees to log in to multiple systems, each with distinct hard to guess (translation: hard to remember) passwords that fit the corporate security policy for length and complexity is a strategy that is just begging for a lot of help-desk password reset calls. So forward thinking organizations have implemented SSO for as many systems as possible.

With the mix of Enterprise Apps moving to the cloud, it makes sense to continue this SSO strategy by Federating with those cloud apps and services.  Organizations maintain control, since employee access to the externally hosted apps is provided via the enterprise account.  If the employee leaves, their access to the cloud app is terminated when their enterprise account is disabled.  The employees don't have to remember another username and password - so life is good.

From the outside in - I am excited about the increasing use of Social Sign-on - or BYOI (Bring your own Identity).  The convenience of single-sign on is extended to customers/users/prospects when organizations enable access to business services using a social ID.  The last thing I want when visiting a website or blog is to create another account.  So using my Google or Twitter ID is a very nice quick way to get access without having to go through a registration process that creates another username/password that I have to try to remember.

The convenience of not having to maintain multiple passwords is obvious, whether you are an employee or customer - and the security benefit of not having lots of passwords to lose or forget is there as well.

Are enterprises allowing employees to use their personal (social) IDs for enterprise apps?  Not yet, but we are moving in the right direction, and we will get there some day.

Monday Oct 14, 2013

CSO Summit Open World

If you attended Open World, you were present for a historic occasion, not only was this the largest Open World, but the Oracle team also won the America's cup against incredible odds. There are a few lessons we can apply to security. Security, like the America's Cup race, is about latency. Since 2007 the boat speeds have gone from 14 mph to 50 mph with greater control and roughly the same number of crew on-board.

Without the technology on-board providing control, these boats would be very difficult to pilot. The mast of the AC72 is as high as a three story building. Yet, despite the large size, these boats almost fly over the water.  Today many businesses face the same challenge, they must grow while maintaining the same level of governance. Security allows companies to accelerate with confidence.

The theme for the CSO Summit was "accelerating with confidence".  With over 18 countries represented across 12 vertical markets, it was truly a world class audience.  Instead of an exclusively security audience, this year the executives came from many lines of business. This reinforces the trend that companies are starting to progressively align security to new business initiatives. For a survey on companies using security as a business enabler see the PWC Global State of Information Survey

SUN2Oracle upgrades and migrations

There are many resources for SUN customers who are interested in upgrading or migrating to Oracle IDM.  And since this is a common request from customers, I wanted to list a few of them here for easy access.

Here are two customer stories that represent both types of upgrade: an incremental upgrade, and a full re-platform

SuperValu represents an incremental upgrade (we call this a co-existance strategy, where both SUN and Oracle IDM are used together).  In this customer case study, a decision was made to incrementally upgrade individual components since the organization had a lot of staff resources that were good with the SUN products.

Customer success story: webcast replay link

In the case of Avea, the decision was made to re-architect a whole new IDM platform foundation due to performance requirements, and new features available in the Oracle products.

Customer Success Story: webcast replay link

SUN DSEE customers that are looking to move to the next generation, highly scalable Oracle Unified Directory can take a look at this webcast replay, where UCLA, and partner Hub City Media moved from a DSEE directory implementation directly to OUD:

SUN2Oracle: Upgrading from DSEE to the next generation Oracle Unified Directory: Webcast replay link

A common problem that customer's have is explaining to their management all of the benefits of upgrading and then building a business case to get the project funded.  In this video, Mike Neuenschwander explains how to build a business case for a SUN2Oracle IDM upgrade.

Finally, in this video, Mike gives advice for how to build a project roadmap to migrate from SUN to Oracle IDM:

Monday Oct 07, 2013

OpenWorld Recap - CON8808 Amit Jasuja's Identity Management Presentation

CON8808 at OpenWorld 2013 in San Francisco was a big event for the IDM team.  In his presentation, Amit Jasuja talked about how IDM has gone from a set of restrictive controls to a real business enabler.

His session featured 3 live demos.  In the first, he took an iPad from an audience volunteer, downloaded a secure container, and showed how he could access his corporate resources and files on a borrowed device, from a public network.

In the second demo, he showed how an administrator could request privileged access in order to start up a demonstration server.  One of the key points of this demo was that the the person requesting the access never saw the password, but was able to execute the start up command to get the server running.

In the third demo, Amit showed converged Identity Governance; he was able to certify file and application access from the same console.

After each demo, Amit would talk through how each was achieved using Oracle IDM. Although you can't see the demos (since they were live), I have attached his slides.

Sunday Oct 06, 2013

Making Cars More Social: Redefining Identity Management

When you were 16, ( or perhaps still believe you are 16) your car was the enabler to your social life providing you with the freedom and means to explore. Today your car is a platform for your life transporting your family and providing transportation to and from work. The average commute time in the US one way is 25.4 minutes. If you are on the east coast or Washington DC that time is significantly greater. In Sao Paulo Brazil, the average commute time is 43 minutes. So if we assume 1 hour a day for 52 weeks a year we can spend more than 300+ hours in our cars. Most commuters are now using their cars as mobile offices and for social time to connect with colleagues, friends and family. As a baseline the average social media user can spend 6.9 hours per month on social media sites. If your car is social enabled, you can probably double your time on Facebook. 

It is not surprising that manufacturers of automobiles are taking advantage of the social revolution both as a means of providing better service to consumers and as a means of enabling consumers to connect and get more work done. The transformation is across the entire life-cyle of the automobile from innovation to consumer experience. This video provides an info-graphic of the transformation.

This new experience is redefining how we think about Identity Management and security. To connect your cars to the social network, the car needs and identity and each passenger needs an identity on the vehicles they drive. The car personalizes to each driver and becomes a platform for applications which means authorization and authentication across applications. All of this moves passenger and driver context into the foreground for automative designers. The graphic below the new requirements for security when we identity enable a car.

Friday Sep 20, 2013

CON8829: Partnering for Success with your System Integrator - OOW13 MUST SEE

OpenWorld 2013 is almost here.  I am very excited to tell you a little bit about my session.  I will be speaking with several of Oracle's top tier partners in CON8829 which will be on Wednesday at 10:15 am in Moscone West room 2018.

This is a bit of a free form session, where each of the panelist will give a little bit of an update on major trends they are seeing in the market.  Then, we will have a live Q&A session which will be lead by the hard hitting, yet erudite Scott Bonnell.

On the panel this year will be:

  • Andrew Morrison, from Deloitte and Touche, LLP
  • Alexander Bollonte, from Accenture
  • Rex Thexton, from PwC, LLP
  • and me, Darin Pendergraft from Oracle

We did this session last year, and it was a lot of fun.  This will be a good opportunity to ask your questions, and to hear what the partners are focusing on.  Come join us on Wednesday!

Thursday Sep 19, 2013

CON8811: Converged Identity Governance for speeding up business and reducing cost

We talk a lot about the platform approach to Identity Management: and in CON8811, Sanjay Rallapalli explains how the Platform Approach applies to Identity Governance.

He will show how a platform approach enables organizations to pursue end-to-end user lifecycle management and closed-loop remediation for both standard and privileged user access, driving down costs by automating error prone manual processes.

Joining Sanjay on stage to give their perspective will be Chris Commerford from Pfizer, Rich Flees from Qualcomm, and Dariusz Spiewak, from ZUS, Poland.

Click this link to get more information and to register for the session:

CON8828: Justifying and Planning a successful Identity Management Upgrade

One of the things the IDM team has been focused on, is providing an upgrade path to our SUN customers and CON8828 is focused on just that.

On Wednesday, September 25 @ 10:15 am, Sanjay Rallapalli will talk you through the major considerations when planning an upgrade, such as:

  • Do you need to do data migration?
  • Do you have a test plan?
  • Do you have a backup?
  • Will your upgrade be in-place?

Sanjay will be joined on stage by Anthony Undorf from ETS, and Shanti Vellanki from Safeway who will share their upgrade experiences.

Be sure to register for this session to reserve your spot, as I am sure it will fill up.

Friday Sep 13, 2013

200 Million: Directory Deployment at Verizon CON4535

Verizon Wireless is one of the fastest growing mobile carriers in the world with a brand and reputation for quality of service. Serving more than 90 million users with more than 220 million entries, Verizon required a modern access and directory infrastructure to deliver a secure and user-friendly experience with high performance and availability. To grasp the dramatic scale that telecommunications organizations will have to address, the chart below shows how global data traffic has grown in the past five years with 100% growth between 2011 and 2012. 

They also needed risk-aware, social-ready access control that could adapt in real time to enhance security while improving usability; a high-performance directory capable of searches/modifications in 1 to 2 ms and additions in less than 10 ms, with the ability to quickly load hundreds of millions of entries to ensure performance; and a multi-master setup to deliver scalability and high availability.  The chart below provides a baseline for global smart phone subscription growth and highlights the pressure to gain new subscribers and share of market for Verizon and other telecommunications firms.

Attend this session to learn how Verizon Wireless leverages Oracle Access Management Suite and Oracle Unified Directory to provide exceptional services to its members. Register here 

Thursday Sep 12, 2013

OOW 2013 Content: Access at Scale for Hundreds of Millions of Users

Scalability has become a much more important requirement for IDM professionals as we expand to securely accommodate multiple personal networked devices with access to our corporate apps and data.

Access at Scale for Hundreds of Millions of Users [CON8833] will take a look at this trend and will review several business cases.  In addition to the Oracle speakers, this session will feature Nirmal Rahi, Solution Architect from College Board, Brendan McGuire, Director from KPMG and Chirag Andani, Sr. Director, Identity & Access Management, PDIT - Oracle.

Plan on attending this session on:

Monday, Sep 23, 12:15 PM - 1:15 PM - @ Moscone West - 2018

Wednesday Sep 11, 2013

OOW Session: Who should Have Access to What , Risk = Hazard + Outrage

Risk = Hazard + Outrage. This was Peter Sandman's simple formula for executives to evaluate the risk and response to a potentially brand damaging event. With user access, the formula applies as well. If a trusted administrator gets access to the latest product specs and discloses the information to the public without consent, the hazard is financially high and the shareholder outrage is perhaps equivalently high. The net is directly equivalent to the risk of the event happening. 

So when we consider who should have access to what, different users constitute different risk.  A single administrator with root access may create a higher risk than the intern working in the mail room. The risk is directly related to the system and the data to which these individuals have access. Governing the data is directly related to how we govern the user access. 

If these topics interest you, You will want to catch Jim Taylor and Neil Gandhi at Open World in session "CON8810: Who Should have Access to What -- Better risk management with Identity Governance" . Complete list of sessions click here.

Monday Sep 09, 2013

Amit Jasuja's OOW2013 IDM Presentation - Oracle IDM: Enabling Business Growth in the New Economy

Hello Everyone!

The IDM team is feverishly working to get everything ready for another amazing OpenWorld conference.  There is going to be a lot to do and see, and to help you get around, we have created several tools to help you build a schedule.

The Focus on Identity Management page is the best way to take a look at all of the sessions that are being presented by the Oracle IDM team. You can click on the title and see a detailed summary of the session, and once you are on the session page, you can register to attend (if you are logged in).  Last year we had several sessions fill up, so if you see something you really like, but sure to register to save a spot.

The IDM team will also be blogging about our sessions to give you more of a preview of what you are going to see.  I will get things started off by telling you a little bit about Amit Jasuja's presentation - Oracle IDM: Enabling Business Growth in the New Economy [CON8808].

Amit's presentation represents our overall theme this year of demonstrating how Identity Management technologies and practice can not only protect your business, but more importantly, can help your business grow by allowing you to securely offer new business services in the new mobile, social and cloud app economy.  Amit's session will include demos of secure mobile access that you will definitely find interesting.

We are also very pleased to have two customer spotlights during his session featuring Dominic Fedronic from VISA, and Adam Hergert from ANZ Bank.  Both of these customers will discuss how they are using Oracle IDM to offer new services while maintaining the highest level of security and regulatory compliance.

Be sure to register for this session, as I am sure it will fill up quickly: Register for Amit's Session

Wednesday Aug 14, 2013

Identity Management at Oracle OpenWorld 2013

The IDM team is getting ready for OpenWorld 2013 and the speaking schedule is now available.  Take a look at the schedule below.

Monday September 23, 2013




10:45 am – 11:45 am

CON8808: Oracle Identity Management: Enabling Business Growth in the New Economy

Amit Jasuja Senior VP, Identity Management and Security, Oracle

Moscone West, Room 2018

12:15 am – 1:15 pm

CON8833: Access at Scale for 100's of millions of users

Venu Shastri, Senior Principal Product Manager, Oracle
Selvendran Neelamegam, Principal Member Technical Staff, Oracle

Moscone West, Room 2018

1:45 pm – 2:45 pm

CON8810: Who Should have Access to What -- Better risk management with Identity Governance

Jim Taylor, Senior Director Product Management, Oracle
Neil Gandhi, Principal Product Manager, Oracle

Moscone West, Room 2018

4:45 pm – 5:45 pm

CON8819: Context and Risk Aware Access Control – Any Device Any Where

Svetlana Kolomeyskaya, Principal Product Manager, Oracle
Ashish Kolli, Senior Director Development, Oracle

Moscone West, Room 2018

4:45 pm – 5:45 pm

CON4535: 200M: Real World Large Scale Access and Directory Deployment at Verizon

Nahil Khan, Verizon Wireless

Moscone West, Room 2012

Tuesday September 24, 2013




10:15 am – 11:15 am

CON8811: Converged Identity Governance to Speed up Business and Reduce Cost

Sanjay Rallapalli, Senior Manager, Product Management, Oracle
Rajesh Pakkath, Principal Product Manager, Oracle

Moscone West, Room 2018

11:45 am – 12:45 pm

CON8896: Securely Enabling Mobile Access for Business Transformation

Lee Howarth, Senior Principal Product Manager, Oracle
Ajay Sondhil, Software Development Director, Oracle

Moscone West, Room 2018

1:15 pm – 2:15 pm

CON8834: Attract new customers and users by leveraging Bring Your Own Identity (BYOI)

Forest Yin, Senior Director of Product Management, Oracle

Moscone West, Room 2018

5:00 pm – 6:00 pm

CON8817: API Management: Enable Your Infrastructure for Secure Mobile and Cloud Use

Ganesh Kirti, Oracle
Sastry Hari, Architect - Entitlement Server, Oracle

Moscone West, Room 2018

Wednesday September 25, 2013




10:15 am – 11:15 am

CON8829: Partnering for Success with your System Integrator

Scott Bonnell, Senior Director Product Management, Oracle
Darin Pendergraft, Principal Product Marketing Director, Oracle

Moscone West, Room 2018

11:45 am – 12:45 pm

CON8837: Leverage Authorization to Monetize Content and Media Subscriptions

Roger Wigenstam, Senior Director Product Management, Oracle
Sid Mishra, Senior Principal Product Manager, Oracle

Moscone West, Room 2018

1:15 pm – 2:15 pm

CON8828: Justifying and Planning a successful Identity Management Upgrade

Javed Beg, Group Product Manager, Oracle
Sanjay Rallapalli,
Senior Manager, Product Management, Oracle, Oracle

Moscone West, Room 2018

3:30 am – 4:30 pm

CON8813: Securing Privileged Accounts with an integrated identity management solution

Olaf Stullich, Principal Product Manager, Oracle

Moscone West, Room 2018

5:00 pm – 6:00 pm

CON8823: Access Management for the Internet of Things

Kanishk Mahajan, Principal Product Manager, Oracle
Mark Wilcox, Senior Manager Product Management, Oracle

Moscone West, Room 2018

Thursday September 26, 2013




11:00 am – 12:00 pm

CON8836: Leveraging the Cloud to simplify your Identity Management implementation

Guru Shashikumar, Product Management Director, Oracle
Mike Neuenschwander, Senior Director of Product Management, Oracle

Moscone West, Room 2018

12:30 pm – 1:30 pm

CON4342: Identity Services in the New GM IT

Andrew Cameron, General Motors

Moscone West, Room 2018

2:00 pm – 3:00 pm

CON9024: Next Generation Optimized Directory - Oracle Unified Directory

Etienne Remillon, Senior Principal Product Manager, Oracle

Moscone West, Room 2018

2:00 pm – 3:00 pm

CON8902: Developing Secure Mobile Applications

Mark Wilcox, Senior Manager - Product Management, Oracle
Mahajan, Principal Product Manager, Oracle

Marriot Marquis - Golden Gate C3

3:30 pm – 4:30 pm

CON8826: Zero Capital Investment by leveraging Identity Management as a Service

Mike Neuenschwander, Senior Director of Product Management, Oracle
Lee Howarth,
Senior Principal Product Manager, Oracle

Moscone West, Room 2018

Monday Jul 01, 2013

SIM to OIM Migration: A How-to Guide to Avoid Costly Mistakes (SDG Corporation)

In the fall of 2012, Oracle launched a major upgrade to its IDM portfolio: the 11gR2 release.  11gR2 had four major focus areas:

  • More simplified and customizable user experience
  • Support for cloud, mobile, and social applications
  • Extreme scalability
  • Clear upgrade path

For SUN migration customers, it is critical to develop and execute a clearly defined plan prior to beginning this process.  The plan should include initiation and discovery, assessment and analysis, future state architecture, review and collaboration, and gap analysis. 

To help better understand your upgrade choices, SDG, an Oracle partner has developed a series of three whitepapers focused on SUN Identity Manager (SIM) to Oracle Identity Manager (OIM) migration.

In the second of this series on SUN Identity Manager (SIM) to Oracle Identity Manager (OIM) migration, Santosh Kumar Singh from SDG  discusses the proper steps that should be taken during the planning-to-post implementation phases to ensure a smooth transition from SIM to OIM.

Read the whitepaper for Part 2: Download Part 2 from

In the last of this series of white papers, Santosh will talk about Identity and Access Management best practices and how these need to be considered when going through with an OIM migration.

If you have not taken the opportunity, please read the first in this series which discusses the Migration Approach, Methodology, and Tools for you to consider when planning a migration from SIM to OIM. Read the white paper for part 1: Download Part 1 from

About the Author:

Santosh Kumar Singh

Identity and Access Management (IAM) Practice Leader

Santosh, in his capacity as SDG Identity and Access Management (IAM) Practice Leader, has direct senior management responsibility for the firm's strategy, planning, competency building, and engagement deliverance for this Practice. He brings over 12+ years of extensive IT, business, and project management and delivery experience, primarily within enterprise directory, single sign-on (SSO) application, and federated identity services, provisioning solutions, role and password management, and security audit and enterprise blueprint. Santosh possesses strong architecture and implementation expertise in all areas within these technologies and has repeatedly lead teams in successfully deploying complex technical solutions.

About SDG:

SDG Corporation empowers forward thinking companies to strategize their future, realize their vision, and minimize their IT risk. SDG distinguishes itself by offering flexible business models to fit their clients’ needs; faster time-to-market with its pre-built solutions and frameworks; a broad-based foundation of domain experts, and deep program management expertise. (

Tuesday Jun 25, 2013

Register for a free webcast presented by ISC2: Identity Auditing Techniques for Reducing Operational Risk and Internal Delays

Join us tomorrow, June 26 @ 10:00 am PST for Part 1 of a 3 part security series co-presented by ISC2

Part 1 will deal focus on Identity Auditing techniques and will be delivered by Neil Gandhi, Principal Product Manager at Oracle and Brandon Dunlap, Managing Director at Brightfly

Register for Part 1: Identity Auditing Techniques for Reducing Operational Risk and Internal Delays


Part 2 will focus on how mobile device access is changing the performance and workloads of IDM directory systems and will be delivered by Etienne Remillon, Senior Principal Product Manager at Oracle, and Brandon Dunlap, Managing Director at Brightfly

Register for Part 2: Optimizing Directory Architecture for Mobile Devices and Applications


Finally, Part 3 will focus on what you need to do to support native mobile communications and security protocols and will be presented by Sid Mishra, Senior Principal Product Manager at Oracle, and Brandon Dunlap, Managing Director at Brightfly.

Register for Part 3: Using New Design Patterns to Improve Mobile Access Control

Monday Jun 03, 2013

A Summary of Identity Management R2 PS1

If you have downloaded Identity Management R2 PS1 and are looking for a good summary of capabilities, the presentation below by Marc Boroditsky, Vice President of Product Management, provides a good preview.

For more information on getting started with Identity Management R2 PS1 click here for the documentation. You can learn more about Identity Management R2 PS1 from these resources:

Tuesday May 28, 2013

Don't Secure Yourself Out of Business

As regulatory pressure and security threats continue to rise, the Chief Security Officer (CSO) role is gaining more importance in many organizations. With security spending at an all time high, many CSO's are re-thinking their priorities and focusing on risk. A recent CSO Market Pulse survey of IT executives, finds that in most organizations IT spending is not aligned with risk.

Mary Ann Davidson, Oracle Corp CSO, joins us for this exclusive webcast to discuss the findings of the survey. One of the most important voices among computer security practitioners today, Davidson describes how CSOs and other IT leaders can use this information to reduce risk in the enterprise. To Register Click Here.

Webcast Date: Thursday, July 18, 2013

Time: 10:00 PM PST

Speaker: Mary Ann Davidson, Chief Security Officer, Oracle

Registration: Click Here

API Security Beyond The Perimeter: IdM R2 PS1

If you are moving applications to the cloud or extending your applications to mobile devices, you will be concerned with securing the device interaction with users and with back end components that reside behind your perimeter. In Identity Management 11g R2 Patch Set 1, we have enhanced and released Oracle API Gateway to enable organizations to address the challenges of service oriented security, applications on mobile devices and applications in the cloud. Patch Set 1 is another step in rationalizing a platform approach to Identity and Access Management to enable organizations to modernize security. For a primer on Oracle API gateway, Apple Bagwell simplified the topic and captured it in a Prezi. Apple recently presented an overview to the Identity Architect Forum which was well received. He does a great job of simplifying and demystifying the topic. Click here to view the Prezi.

The latest docs to the Oracle API Gateway can be found hereFor more resources on Identity Management R2 Patch Set 1, see the links below. 

Thursday May 16, 2013

Congrats to Virgin Media: Best IAM Project Award

We extend our congratulations to the team at Virgin Media for winning the award for best Identity and Access Management project at the European Identity Conference in Munich this week. Excerpt below from the European Identity Conference.

In the category “Best Identity and Access Management Project”, the award goes to Virgin Media for the implementation of highly polished access control mechanisms with IAM technologies for the WiFi network of the London Underground metro system. This project went live for the 2012 Summer Olympics and had to meet very demanding requirements for high performance user authentication.

You can learn more about the Virgin Media story by viewing this on demand webcast here.


Oracle Identity Management is a complete and integrated next-generation identity management platform that provides breakthrough scalability; enables organizations to achieve rapid compliance with regulatory mandates; secures sensitive applications and data regardless of whether they are hosted on-premise or in a cloud; and reduces operational costs. Oracle Identity Management enables secure user access to resources anytime on any device.


« June 2016