Wednesday Oct 23, 2013

Oracle Identity Management Connector Overview

Oracle Identity Manager (OIM) is a complete Identity Governance system that automates access rights management, and provisions IT resources.  One important aspect of this system is the Identity Connectors that are used to integrate OIM with external, identity-aware applications.

New in OIM 11gR2 PS1 is the Identity Connector Framework (ICF) which is the foundation for both OIM and Oracle Waveset.

Identity Connectors perform several very important functions:

  • On boarding accounts from trusted sources like SAP, Oracle E-Business Suite, & PeopleSoft HCM
  • Managing users lifecycle in various Target systems through provisioning and recon operations
  • Synchronizing entitlements from targets systems so that they are available in the OIM request catalog
  • Fulfilling access grants and access revoke requests
  • Some connectors may support Role Lifecycle Management
  • Some connectors may support password sync from target to OIM

The Identity Connectors are broken down into several families:

The BMC Remedy Family

  • BMC Remedy Ticket Management
  • BMC Remedy User Management

The Microsoft Family

  • Microsoft Active Directory
  • Microsoft Active Directory Password Sync
  • Microsoft Exchange

The Novell Family

  • Novell eDirectory
  • Novell GroupWise

The Oracle E-Business Suite Family

  • Oracle e-Business Employee Reconciliation
  • Oracle e-Business User Management

The PeopleSoft Family

  • PeopleSoft Employee Reconciliation
  • PeopleSoft User Management

The SAP Family

  • SAP CUA
  • SAP Employee Reconciliation
  • SAP User Management

The UNIX Family

  • UNIX SSH
  • UNIX Telnet

As you can see, there are a large number of connectors that support apps from a variety of vendors to enable OIM to manage your business applications and resources.

If you are interested in finding out more, you can get documentation on these connectors on our OTN page at: http://www.oracle.com/technetwork/middleware/id-mgmt/downloads/connectors-101674.html





Tuesday Oct 22, 2013

Enjoy Cloud Odyssey The Oracle Movie

If you attended Open World you may have seen the promotions for a new movie produced by Oracle. The movie is called Cloud Odyssey and it chronicles the journey of a hero to the cloud. The movie is an animated sci-fi adventure. This movie will be played at Oracle events around the world so you may soon get an invite to attend. Interesting approach to telling the cloud story. For many IT organizations, the journey to the cloud is a major initiative for end users. I am sure Homer would be proud. In fact perhaps if it is successful, I am hopeful we may see a cloud Iliad. 

Below, I have embedded a trailer to the movie for your viewing pleasure. While it clearly is not the next Iron Man, it is intriguing. Hope you enjoy. 

Thursday Oct 17, 2013

Two views of Federation: inside out, and outside in

I always think of Star Fleet when I hear Federation!

IDM customers that I speak to have spent a lot of time thinking about enterprise SSO - asking your employees to log in to multiple systems, each with distinct hard to guess (translation: hard to remember) passwords that fit the corporate security policy for length and complexity is a strategy that is just begging for a lot of help-desk password reset calls. So forward thinking organizations have implemented SSO for as many systems as possible.

With the mix of Enterprise Apps moving to the cloud, it makes sense to continue this SSO strategy by Federating with those cloud apps and services.  Organizations maintain control, since employee access to the externally hosted apps is provided via the enterprise account.  If the employee leaves, their access to the cloud app is terminated when their enterprise account is disabled.  The employees don't have to remember another username and password - so life is good.

From the outside in - I am excited about the increasing use of Social Sign-on - or BYOI (Bring your own Identity).  The convenience of single-sign on is extended to customers/users/prospects when organizations enable access to business services using a social ID.  The last thing I want when visiting a website or blog is to create another account.  So using my Google or Twitter ID is a very nice quick way to get access without having to go through a registration process that creates another username/password that I have to try to remember.

The convenience of not having to maintain multiple passwords is obvious, whether you are an employee or customer - and the security benefit of not having lots of passwords to lose or forget is there as well.

Are enterprises allowing employees to use their personal (social) IDs for enterprise apps?  Not yet, but we are moving in the right direction, and we will get there some day.

Monday Oct 14, 2013

CSO Summit Open World

If you attended Open World, you were present for a historic occasion, not only was this the largest Open World, but the Oracle team also won the America's cup against incredible odds. There are a few lessons we can apply to security. Security, like the America's Cup race, is about latency. Since 2007 the boat speeds have gone from 14 mph to 50 mph with greater control and roughly the same number of crew on-board.

Without the technology on-board providing control, these boats would be very difficult to pilot. The mast of the AC72 is as high as a three story building. Yet, despite the large size, these boats almost fly over the water.  Today many businesses face the same challenge, they must grow while maintaining the same level of governance. Security allows companies to accelerate with confidence.

The theme for the CSO Summit was "accelerating with confidence".  With over 18 countries represented across 12 vertical markets, it was truly a world class audience.  Instead of an exclusively security audience, this year the executives came from many lines of business. This reinforces the trend that companies are starting to progressively align security to new business initiatives. For a survey on companies using security as a business enabler see the PWC Global State of Information Survey

SUN2Oracle upgrades and migrations

There are many resources for SUN customers who are interested in upgrading or migrating to Oracle IDM.  And since this is a common request from customers, I wanted to list a few of them here for easy access.

Here are two customer stories that represent both types of upgrade: an incremental upgrade, and a full re-platform

SuperValu represents an incremental upgrade (we call this a co-existance strategy, where both SUN and Oracle IDM are used together).  In this customer case study, a decision was made to incrementally upgrade individual components since the organization had a lot of staff resources that were good with the SUN products.


Customer success story: webcast replay link

In the case of Avea, the decision was made to re-architect a whole new IDM platform foundation due to performance requirements, and new features available in the Oracle products.


Customer Success Story: webcast replay link

SUN DSEE customers that are looking to move to the next generation, highly scalable Oracle Unified Directory can take a look at this webcast replay, where UCLA, and partner Hub City Media moved from a DSEE directory implementation directly to OUD:


SUN2Oracle: Upgrading from DSEE to the next generation Oracle Unified Directory: Webcast replay link

A common problem that customer's have is explaining to their management all of the benefits of upgrading and then building a business case to get the project funded.  In this video, Mike Neuenschwander explains how to build a business case for a SUN2Oracle IDM upgrade.

Finally, in this video, Mike gives advice for how to build a project roadmap to migrate from SUN to Oracle IDM:


Monday Oct 07, 2013

OpenWorld Recap - CON8808 Amit Jasuja's Identity Management Presentation

CON8808 at OpenWorld 2013 in San Francisco was a big event for the IDM team.  In his presentation, Amit Jasuja talked about how IDM has gone from a set of restrictive controls to a real business enabler.

His session featured 3 live demos.  In the first, he took an iPad from an audience volunteer, downloaded a secure container, and showed how he could access his corporate resources and files on a borrowed device, from a public network.

In the second demo, he showed how an administrator could request privileged access in order to start up a demonstration server.  One of the key points of this demo was that the the person requesting the access never saw the password, but was able to execute the start up command to get the server running.

In the third demo, Amit showed converged Identity Governance; he was able to certify file and application access from the same console.

After each demo, Amit would talk through how each was achieved using Oracle IDM. Although you can't see the demos (since they were live), I have attached his slides.

Sunday Oct 06, 2013

Making Cars More Social: Redefining Identity Management

When you were 16, ( or perhaps still believe you are 16) your car was the enabler to your social life providing you with the freedom and means to explore. Today your car is a platform for your life transporting your family and providing transportation to and from work. The average commute time in the US one way is 25.4 minutes. If you are on the east coast or Washington DC that time is significantly greater. In Sao Paulo Brazil, the average commute time is 43 minutes. So if we assume 1 hour a day for 52 weeks a year we can spend more than 300+ hours in our cars. Most commuters are now using their cars as mobile offices and for social time to connect with colleagues, friends and family. As a baseline the average social media user can spend 6.9 hours per month on social media sites. If your car is social enabled, you can probably double your time on Facebook. 

It is not surprising that manufacturers of automobiles are taking advantage of the social revolution both as a means of providing better service to consumers and as a means of enabling consumers to connect and get more work done. The transformation is across the entire life-cyle of the automobile from innovation to consumer experience. This video provides an info-graphic of the transformation.

This new experience is redefining how we think about Identity Management and security. To connect your cars to the social network, the car needs and identity and each passenger needs an identity on the vehicles they drive. The car personalizes to each driver and becomes a platform for applications which means authorization and authentication across applications. All of this moves passenger and driver context into the foreground for automative designers. The graphic below the new requirements for security when we identity enable a car.

Friday Sep 20, 2013

CON8829: Partnering for Success with your System Integrator - OOW13 MUST SEE

OpenWorld 2013 is almost here.  I am very excited to tell you a little bit about my session.  I will be speaking with several of Oracle's top tier partners in CON8829 which will be on Wednesday at 10:15 am in Moscone West room 2018.

This is a bit of a free form session, where each of the panelist will give a little bit of an update on major trends they are seeing in the market.  Then, we will have a live Q&A session which will be lead by the hard hitting, yet erudite Scott Bonnell.

On the panel this year will be:

  • Andrew Morrison, from Deloitte and Touche, LLP
  • Alexander Bollonte, from Accenture
  • Rex Thexton, from PwC, LLP
  • and me, Darin Pendergraft from Oracle

We did this session last year, and it was a lot of fun.  This will be a good opportunity to ask your questions, and to hear what the partners are focusing on.  Come join us on Wednesday!

https://oracleus.activeevents.com/2013/connect/sessionDetail.ww?SESSION_ID=8829


Thursday Sep 19, 2013

CON8811: Converged Identity Governance for speeding up business and reducing cost

We talk a lot about the platform approach to Identity Management: and in CON8811, Sanjay Rallapalli explains how the Platform Approach applies to Identity Governance.

He will show how a platform approach enables organizations to pursue end-to-end user lifecycle management and closed-loop remediation for both standard and privileged user access, driving down costs by automating error prone manual processes.

Joining Sanjay on stage to give their perspective will be Chris Commerford from Pfizer, Rich Flees from Qualcomm, and Dariusz Spiewak, from ZUS, Poland.

Click this link to get more information and to register for the session: https://oracleus.activeevents.com/2013/connect/sessionDetail.ww?SESSION_ID=8811

CON8828: Justifying and Planning a successful Identity Management Upgrade

One of the things the IDM team has been focused on, is providing an upgrade path to our SUN customers and CON8828 is focused on just that.

On Wednesday, September 25 @ 10:15 am, Sanjay Rallapalli will talk you through the major considerations when planning an upgrade, such as:

  • Do you need to do data migration?
  • Do you have a test plan?
  • Do you have a backup?
  • Will your upgrade be in-place?

Sanjay will be joined on stage by Anthony Undorf from ETS, and Shanti Vellanki from Safeway who will share their upgrade experiences.

Be sure to register for this session to reserve your spot, as I am sure it will fill up.

https://oracleus.activeevents.com/2013/connect/sessionDetail.ww?SESSION_ID=8828


Friday Sep 13, 2013

200 Million: Directory Deployment at Verizon CON4535

Verizon Wireless is one of the fastest growing mobile carriers in the world with a brand and reputation for quality of service. Serving more than 90 million users with more than 220 million entries, Verizon required a modern access and directory infrastructure to deliver a secure and user-friendly experience with high performance and availability. To grasp the dramatic scale that telecommunications organizations will have to address, the chart below shows how global data traffic has grown in the past five years with 100% growth between 2011 and 2012. 

They also needed risk-aware, social-ready access control that could adapt in real time to enhance security while improving usability; a high-performance directory capable of searches/modifications in 1 to 2 ms and additions in less than 10 ms, with the ability to quickly load hundreds of millions of entries to ensure performance; and a multi-master setup to deliver scalability and high availability.  The chart below provides a baseline for global smart phone subscription growth and highlights the pressure to gain new subscribers and share of market for Verizon and other telecommunications firms.

Attend this session to learn how Verizon Wireless leverages Oracle Access Management Suite and Oracle Unified Directory to provide exceptional services to its members. Register here 

Thursday Sep 12, 2013

OOW 2013 Content: Access at Scale for Hundreds of Millions of Users

Scalability has become a much more important requirement for IDM professionals as we expand to securely accommodate multiple personal networked devices with access to our corporate apps and data.

Access at Scale for Hundreds of Millions of Users [CON8833] will take a look at this trend and will review several business cases.  In addition to the Oracle speakers, this session will feature Nirmal Rahi, Solution Architect from College Board, Brendan McGuire, Director from KPMG and Chirag Andani, Sr. Director, Identity & Access Management, PDIT - Oracle.

Plan on attending this session on:

Monday, Sep 23, 12:15 PM - 1:15 PM - @ Moscone West - 2018

Wednesday Sep 11, 2013

OOW Session: Who should Have Access to What , Risk = Hazard + Outrage

Risk = Hazard + Outrage. This was Peter Sandman's simple formula for executives to evaluate the risk and response to a potentially brand damaging event. With user access, the formula applies as well. If a trusted administrator gets access to the latest product specs and discloses the information to the public without consent, the hazard is financially high and the shareholder outrage is perhaps equivalently high. The net is directly equivalent to the risk of the event happening. 

So when we consider who should have access to what, different users constitute different risk.  A single administrator with root access may create a higher risk than the intern working in the mail room. The risk is directly related to the system and the data to which these individuals have access. Governing the data is directly related to how we govern the user access. 

If these topics interest you, You will want to catch Jim Taylor and Neil Gandhi at Open World in session "CON8810: Who Should have Access to What -- Better risk management with Identity Governance" . Complete list of sessions click here.

Monday Sep 09, 2013

Amit Jasuja's OOW2013 IDM Presentation - Oracle IDM: Enabling Business Growth in the New Economy

Hello Everyone!

The IDM team is feverishly working to get everything ready for another amazing OpenWorld conference.  There is going to be a lot to do and see, and to help you get around, we have created several tools to help you build a schedule.

The Focus on Identity Management page is the best way to take a look at all of the sessions that are being presented by the Oracle IDM team. You can click on the title and see a detailed summary of the session, and once you are on the session page, you can register to attend (if you are logged in).  Last year we had several sessions fill up, so if you see something you really like, but sure to register to save a spot.

The IDM team will also be blogging about our sessions to give you more of a preview of what you are going to see.  I will get things started off by telling you a little bit about Amit Jasuja's presentation - Oracle IDM: Enabling Business Growth in the New Economy [CON8808].

Amit's presentation represents our overall theme this year of demonstrating how Identity Management technologies and practice can not only protect your business, but more importantly, can help your business grow by allowing you to securely offer new business services in the new mobile, social and cloud app economy.  Amit's session will include demos of secure mobile access that you will definitely find interesting.

We are also very pleased to have two customer spotlights during his session featuring Dominic Fedronic from VISA, and Adam Hergert from ANZ Bank.  Both of these customers will discuss how they are using Oracle IDM to offer new services while maintaining the highest level of security and regulatory compliance.

Be sure to register for this session, as I am sure it will fill up quickly: Register for Amit's Session


Wednesday Aug 14, 2013

Identity Management at Oracle OpenWorld 2013

The IDM team is getting ready for OpenWorld 2013 and the speaking schedule is now available.  Take a look at the schedule below.

Monday September 23, 2013

TIME

TITLE

LOCATION

10:45 am – 11:45 am

CON8808: Oracle Identity Management: Enabling Business Growth in the New Economy

Amit Jasuja Senior VP, Identity Management and Security, Oracle

Moscone West, Room 2018

12:15 am – 1:15 pm

CON8833: Access at Scale for 100's of millions of users

Venu Shastri, Senior Principal Product Manager, Oracle
Selvendran Neelamegam, Principal Member Technical Staff, Oracle

Moscone West, Room 2018

1:45 pm – 2:45 pm

CON8810: Who Should have Access to What -- Better risk management with Identity Governance

Jim Taylor, Senior Director Product Management, Oracle
Neil Gandhi, Principal Product Manager, Oracle

Moscone West, Room 2018

4:45 pm – 5:45 pm

CON8819: Context and Risk Aware Access Control – Any Device Any Where

Svetlana Kolomeyskaya, Principal Product Manager, Oracle
Ashish Kolli, Senior Director Development, Oracle

Moscone West, Room 2018

4:45 pm – 5:45 pm

CON4535: 200M: Real World Large Scale Access and Directory Deployment at Verizon

Nahil Khan, Verizon Wireless

Moscone West, Room 2012


Tuesday September 24, 2013

TIME

TITLE

LOCATION

10:15 am – 11:15 am

CON8811: Converged Identity Governance to Speed up Business and Reduce Cost

Sanjay Rallapalli, Senior Manager, Product Management, Oracle
Rajesh Pakkath, Principal Product Manager, Oracle

Moscone West, Room 2018

11:45 am – 12:45 pm

CON8896: Securely Enabling Mobile Access for Business Transformation

Lee Howarth, Senior Principal Product Manager, Oracle
Ajay Sondhil, Software Development Director, Oracle

Moscone West, Room 2018

1:15 pm – 2:15 pm

CON8834: Attract new customers and users by leveraging Bring Your Own Identity (BYOI)

Forest Yin, Senior Director of Product Management, Oracle

Moscone West, Room 2018

5:00 pm – 6:00 pm

CON8817: API Management: Enable Your Infrastructure for Secure Mobile and Cloud Use

Ganesh Kirti, Oracle
Sastry Hari, Architect - Entitlement Server, Oracle

Moscone West, Room 2018


Wednesday September 25, 2013

TIME

TITLE

LOCATION

10:15 am – 11:15 am

CON8829: Partnering for Success with your System Integrator

Scott Bonnell, Senior Director Product Management, Oracle
Darin Pendergraft, Principal Product Marketing Director, Oracle

Moscone West, Room 2018

11:45 am – 12:45 pm

CON8837: Leverage Authorization to Monetize Content and Media Subscriptions

Roger Wigenstam, Senior Director Product Management, Oracle
Sid Mishra, Senior Principal Product Manager, Oracle

Moscone West, Room 2018

1:15 pm – 2:15 pm

CON8828: Justifying and Planning a successful Identity Management Upgrade

Javed Beg, Group Product Manager, Oracle
Sanjay Rallapalli,
Senior Manager, Product Management, Oracle, Oracle

Moscone West, Room 2018

3:30 am – 4:30 pm

CON8813: Securing Privileged Accounts with an integrated identity management solution

Olaf Stullich, Principal Product Manager, Oracle

Moscone West, Room 2018

5:00 pm – 6:00 pm

CON8823: Access Management for the Internet of Things

Kanishk Mahajan, Principal Product Manager, Oracle
Mark Wilcox, Senior Manager Product Management, Oracle

Moscone West, Room 2018

Thursday September 26, 2013

TIME

TITLE

LOCATION

11:00 am – 12:00 pm

CON8836: Leveraging the Cloud to simplify your Identity Management implementation

Guru Shashikumar, Product Management Director, Oracle
Mike Neuenschwander, Senior Director of Product Management, Oracle

Moscone West, Room 2018

12:30 pm – 1:30 pm

CON4342: Identity Services in the New GM IT

Andrew Cameron, General Motors

Moscone West, Room 2018

2:00 pm – 3:00 pm

CON9024: Next Generation Optimized Directory - Oracle Unified Directory

Etienne Remillon, Senior Principal Product Manager, Oracle

Moscone West, Room 2018

2:00 pm – 3:00 pm

CON8902: Developing Secure Mobile Applications

Mark Wilcox, Senior Manager - Product Management, Oracle
Kanishk
Mahajan, Principal Product Manager, Oracle

Marriot Marquis - Golden Gate C3

3:30 pm – 4:30 pm

CON8826: Zero Capital Investment by leveraging Identity Management as a Service

Mike Neuenschwander, Senior Director of Product Management, Oracle
Lee Howarth,
Senior Principal Product Manager, Oracle

Moscone West, Room 2018



Monday Jul 01, 2013

SIM to OIM Migration: A How-to Guide to Avoid Costly Mistakes (SDG Corporation)

In the fall of 2012, Oracle launched a major upgrade to its IDM portfolio: the 11gR2 release.  11gR2 had four major focus areas:

  • More simplified and customizable user experience
  • Support for cloud, mobile, and social applications
  • Extreme scalability
  • Clear upgrade path

For SUN migration customers, it is critical to develop and execute a clearly defined plan prior to beginning this process.  The plan should include initiation and discovery, assessment and analysis, future state architecture, review and collaboration, and gap analysis. 

To help better understand your upgrade choices, SDG, an Oracle partner has developed a series of three whitepapers focused on SUN Identity Manager (SIM) to Oracle Identity Manager (OIM) migration.

In the second of this series on SUN Identity Manager (SIM) to Oracle Identity Manager (OIM) migration, Santosh Kumar Singh from SDG  discusses the proper steps that should be taken during the planning-to-post implementation phases to ensure a smooth transition from SIM to OIM.

Read the whitepaper for Part 2: Download Part 2 from SDGC.com

In the last of this series of white papers, Santosh will talk about Identity and Access Management best practices and how these need to be considered when going through with an OIM migration.

If you have not taken the opportunity, please read the first in this series which discusses the Migration Approach, Methodology, and Tools for you to consider when planning a migration from SIM to OIM. Read the white paper for part 1: Download Part 1 from SDGC.com

About the Author:

Santosh Kumar Singh

Identity and Access Management (IAM) Practice Leader

Santosh, in his capacity as SDG Identity and Access Management (IAM) Practice Leader, has direct senior management responsibility for the firm's strategy, planning, competency building, and engagement deliverance for this Practice. He brings over 12+ years of extensive IT, business, and project management and delivery experience, primarily within enterprise directory, single sign-on (SSO) application, and federated identity services, provisioning solutions, role and password management, and security audit and enterprise blueprint. Santosh possesses strong architecture and implementation expertise in all areas within these technologies and has repeatedly lead teams in successfully deploying complex technical solutions.

About SDG:

SDG Corporation empowers forward thinking companies to strategize their future, realize their vision, and minimize their IT risk. SDG distinguishes itself by offering flexible business models to fit their clients’ needs; faster time-to-market with its pre-built solutions and frameworks; a broad-based foundation of domain experts, and deep program management expertise. (www.sdgc.com)


Tuesday Jun 25, 2013

Register for a free webcast presented by ISC2: Identity Auditing Techniques for Reducing Operational Risk and Internal Delays

Join us tomorrow, June 26 @ 10:00 am PST for Part 1 of a 3 part security series co-presented by ISC2

Part 1 will deal focus on Identity Auditing techniques and will be delivered by Neil Gandhi, Principal Product Manager at Oracle and Brandon Dunlap, Managing Director at Brightfly

Register for Part 1: Identity Auditing Techniques for Reducing Operational Risk and Internal Delays

...

Part 2 will focus on how mobile device access is changing the performance and workloads of IDM directory systems and will be delivered by Etienne Remillon, Senior Principal Product Manager at Oracle, and Brandon Dunlap, Managing Director at Brightfly

Register for Part 2: Optimizing Directory Architecture for Mobile Devices and Applications

...

Finally, Part 3 will focus on what you need to do to support native mobile communications and security protocols and will be presented by Sid Mishra, Senior Principal Product Manager at Oracle, and Brandon Dunlap, Managing Director at Brightfly.

Register for Part 3: Using New Design Patterns to Improve Mobile Access Control


Monday Jun 03, 2013

A Summary of Identity Management R2 PS1

If you have downloaded Identity Management R2 PS1 and are looking for a good summary of capabilities, the presentation below by Marc Boroditsky, Vice President of Product Management, provides a good preview.

For more information on getting started with Identity Management R2 PS1 click here for the documentation. You can learn more about Identity Management R2 PS1 from these resources:

Tuesday May 28, 2013

Don't Secure Yourself Out of Business

As regulatory pressure and security threats continue to rise, the Chief Security Officer (CSO) role is gaining more importance in many organizations. With security spending at an all time high, many CSO's are re-thinking their priorities and focusing on risk. A recent CSO Market Pulse survey of IT executives, finds that in most organizations IT spending is not aligned with risk.

Mary Ann Davidson, Oracle Corp CSO, joins us for this exclusive webcast to discuss the findings of the survey. One of the most important voices among computer security practitioners today, Davidson describes how CSOs and other IT leaders can use this information to reduce risk in the enterprise. To Register Click Here.

Webcast Date: Thursday, July 18, 2013

Time: 10:00 PM PST

Speaker: Mary Ann Davidson, Chief Security Officer, Oracle

Registration: Click Here

API Security Beyond The Perimeter: IdM R2 PS1

If you are moving applications to the cloud or extending your applications to mobile devices, you will be concerned with securing the device interaction with users and with back end components that reside behind your perimeter. In Identity Management 11g R2 Patch Set 1, we have enhanced and released Oracle API Gateway to enable organizations to address the challenges of service oriented security, applications on mobile devices and applications in the cloud. Patch Set 1 is another step in rationalizing a platform approach to Identity and Access Management to enable organizations to modernize security. For a primer on Oracle API gateway, Apple Bagwell simplified the topic and captured it in a Prezi. Apple recently presented an overview to the Identity Architect Forum which was well received. He does a great job of simplifying and demystifying the topic. Click here to view the Prezi.

The latest docs to the Oracle API Gateway can be found hereFor more resources on Identity Management R2 Patch Set 1, see the links below. 

Thursday May 16, 2013

Congrats to Virgin Media: Best IAM Project Award

We extend our congratulations to the team at Virgin Media for winning the award for best Identity and Access Management project at the European Identity Conference in Munich this week. Excerpt below from the European Identity Conference.

In the category “Best Identity and Access Management Project”, the award goes to Virgin Media for the implementation of highly polished access control mechanisms with IAM technologies for the WiFi network of the London Underground metro system. This project went live for the 2012 Summer Olympics and had to meet very demanding requirements for high performance user authentication.

You can learn more about the Virgin Media story by viewing this on demand webcast here.

Monday May 06, 2013

CSO Online Study: Threats are Outside, Risks are Inside

Oracle recently worked with CSO Online to study the economics of security. Despite the the increasing IT spend on security, many organizations don't feel any safer. According to the study, organizations allocate up to 67% of their IT security spend protecting network resources. However, the biggest risk in many organizations is weak governance controls on user access and application security. According to the latest Verizon Data Breach Report 2013 , 76% of attacks utilize lost or stolen credentials as a means of entry or propagating the attack.

According to the survey, 40% believed that implementing fragmented point solutions created gaps in their security and resulted in vulnerability. Fragmentation creates latency in security processes and latency introduces risk. According to a similar study by Aberdeen Research, organizations that take an integrated platform approach had 35% fewer audit deficiencies and were more responsive.

The findings underscore the relevance of Oracle’s “security inside-out” approach which means focusing attention on the organization's most strategic assets which include applications, databases, systems, and users. 

Read the details here

Thursday May 02, 2013

European Identity Conference

This year's European Identity Conference is devoted to cloud, mobile and social. This promises to be an exciting event this year. Here is a link to the conference.  You will not want to miss Peter Boyle and Mike Neuenschwander. Peter's keynote is on Thursday May 16th. Peter Boyle is Head of Identity Services for BT. Below is an abstract for his talk.

If Your Customers Don't Feel Safe, They Will Leave You

More than 559 million adults have been victims of cyber-crime - that´s more than the population of the European Union. More businesses are trying to connect with customers on social and mobile but, 15% of social networking users have had accounts infiltrated and 21% have fallen prey to mobile or social attacks. Only one incident can cause a customer to shift brands. If you are trying to find new paths to market online, don´t miss this session. Securing the customer experience should be the top priority for any business initiative involving cloud, mobile and social. Faced with the need to secure a growing hosting business with more than 10,000 customers accessing services on-line, British Telecom Identity enabled their applications to secure their customer data and transactions. In this session, Peter Boyle Head of Identity Services for BT will discuss how to keep your customer safe, loyal to your brand and keep them coming back for more.

See Mike Neuenschwander will speak in the following sessions:

  • May 14th 2:00 pm :The Future of IAM
  • May 15th 10:30 am: Next Generation Cloud and Mobile Identity Management 
  • May 15th 2:00 pm: The Future of IAM: "Do not kill IAM, improve and extend it"
  • May 16th 2pm: Life Management Platforms, Personal Data, Private Cloud 

Wednesday May 01, 2013

North American CAB Notes and Key Takeaways

The North American Customer Advisory Board (CAB) was held at Oracle headquarters, April 16-18.  Customers were invited to attend in order to get an update on product direction, participate in discussions on key industry trends, and to meet with Product Managers to discuss product road maps and features.

Day 1 consisted of  an overview of the Oracle IDM business, including key market trends and customer success stories, followed by presentations by Product Management in three key areas: Directory Services, Identity Governance, and Access Management

Day 2 contained moderated discussions on key topics such as Mobile and Cloud Applications, and also a customer presentation by College Board on their IDM implementation.

Day 3 began with a presentation by Oracle IT on how they are using Oracle IDM to manage systems and applications internally, and then moved on to additional breakout and feedback sessions.  There were also opportunities for customers to meet with Product Managers one on one to discuss specific product features and functions.  At the end of the day, customers were invited to provide feedback about the various presentations and discussions, and to identify key priorities for their organizations.

Here are some of the more popular discussion topics:

A lot of discussion around reference architectures for IDM: customers identified the need for additional best practice guidance when sizing and scaling hardware for optimal performance.  A lot of good reference material exists for 10g products (which have been in the market for quite a while) but less is available for 11g products.

Multi-datacenter configurations, as well as configuring for high availability and disaster recovery.

Mobile application security was a hot topic: most of the attendees were delivering and securing mobile applications but there was a lot of variation in what customers were doing.  Most agreed that the management capabilities of IDM for mobile applications needed to improve, and most agreed that mobile application management was a top priority for them.

All of the customers I spoke to agreed that the time was well spent, and that the presentations were detailed and focused on the topics, technologies and timelines that they felt were important.  Everyone agreed that the ability to meet one on one with Product Management was very helpful, and everyone liked the customer presentations.

Thank you to everyone that attended, and shared their concerns, thoughts and suggestions with the IDM team.

About

Oracle Identity Management is a complete and integrated next-generation identity management platform that provides breakthrough scalability; enables organizations to achieve rapid compliance with regulatory mandates; secures sensitive applications and data regardless of whether they are hosted on-premise or in a cloud; and reduces operational costs. Oracle Identity Management enables secure user access to resources anytime on any device.

Search

Archives
« May 2015
SunMonTueWedThuFriSat
     
1
2
3
4
5
6
8
9
10
11
12
13
14
15
16
17
18
20
21
22
23
24
25
26
27
28
29
30
31
      
Today