Thursday Oct 31, 2013

Take our Online Assessment to see how your IDM strategy stacks up

Recently, we launched a new online self assessment tool to help customers review their current IDM infrastructure.  This 10 question self assessment will allow you to measure the effectiveness of your IDM technology, but also business processes and security posture.

Watch the video below, and then click the "Get Started!" link embedded in the player to take the survey. (Note: the video tells you to go to our page to get started - but using the link in the video player saves you the extra step.)

At the end of the survey, you will be presented with your overall score, your security maturity ranking, and you can register to save your results and to download a comprehensive report.  The report explains each of the questions, notes your response, and makes specific suggestions.

Use this link to jump to the Online Assessment directly:  Take the assessment, and see how you rank!

Wednesday Oct 30, 2013

Registration Open Now! Virtual Developer Day: Oracle ADF Development

Is your organization looking at developing Web or Mobile application based upon the Oracle platform?  Oracle is offering a virtual event for Developer Leads, Managers and Architects to learn more about developing Web, Mobile and beyond based on Oracle applications. This event will provide sessions that range from introductory to deep dive covering Oracle's strategic framework for developing multi-channel enterprise applications for the Oracle platforms. Multiple tracks cover every interest and every level and include live online Q&A chats with Oracle's technical staff.  

For Registration and Information, please follow the link HERE

Sign up for one of the following events below

Americas - Tuesday - November 19th / 9am to 1pm PDT / 12pm to 4pm EDT / 1pm to 5pm BRT

APAC - Thursday - November 21st / 10am - 1:30pm IST (India) / 12:30pm - 4pm SGT (Singapore) / 3:30pm -7pm AESDT

EMEA - Tuesday - November 26th / 9am - 1pm GMT / 1pm - 5pm GST / 2:30pm -6:30pm IST

Wednesday Oct 23, 2013

Oracle Identity Management Connector Overview

Oracle Identity Manager (OIM) is a complete Identity Governance system that automates access rights management, and provisions IT resources.  One important aspect of this system is the Identity Connectors that are used to integrate OIM with external, identity-aware applications.

New in OIM 11gR2 PS1 is the Identity Connector Framework (ICF) which is the foundation for both OIM and Oracle Waveset.

Identity Connectors perform several very important functions:

  • On boarding accounts from trusted sources like SAP, Oracle E-Business Suite, & PeopleSoft HCM
  • Managing users lifecycle in various Target systems through provisioning and recon operations
  • Synchronizing entitlements from targets systems so that they are available in the OIM request catalog
  • Fulfilling access grants and access revoke requests
  • Some connectors may support Role Lifecycle Management
  • Some connectors may support password sync from target to OIM

The Identity Connectors are broken down into several families:

The BMC Remedy Family

  • BMC Remedy Ticket Management
  • BMC Remedy User Management

The Microsoft Family

  • Microsoft Active Directory
  • Microsoft Active Directory Password Sync
  • Microsoft Exchange

The Novell Family

  • Novell eDirectory
  • Novell GroupWise

The Oracle E-Business Suite Family

  • Oracle e-Business Employee Reconciliation
  • Oracle e-Business User Management

The PeopleSoft Family

  • PeopleSoft Employee Reconciliation
  • PeopleSoft User Management

The SAP Family

  • SAP Employee Reconciliation
  • SAP User Management

The UNIX Family

  • UNIX Telnet

As you can see, there are a large number of connectors that support apps from a variety of vendors to enable OIM to manage your business applications and resources.

If you are interested in finding out more, you can get documentation on these connectors on our OTN page at:

Tuesday Oct 22, 2013

Enjoy Cloud Odyssey The Oracle Movie

If you attended Open World you may have seen the promotions for a new movie produced by Oracle. The movie is called Cloud Odyssey and it chronicles the journey of a hero to the cloud. The movie is an animated sci-fi adventure. This movie will be played at Oracle events around the world so you may soon get an invite to attend. Interesting approach to telling the cloud story. For many IT organizations, the journey to the cloud is a major initiative for end users. I am sure Homer would be proud. In fact perhaps if it is successful, I am hopeful we may see a cloud Iliad. 

Below, I have embedded a trailer to the movie for your viewing pleasure. While it clearly is not the next Iron Man, it is intriguing. Hope you enjoy. 

Thursday Oct 17, 2013

Two views of Federation: inside out, and outside in

I always think of Star Fleet when I hear Federation!

IDM customers that I speak to have spent a lot of time thinking about enterprise SSO - asking your employees to log in to multiple systems, each with distinct hard to guess (translation: hard to remember) passwords that fit the corporate security policy for length and complexity is a strategy that is just begging for a lot of help-desk password reset calls. So forward thinking organizations have implemented SSO for as many systems as possible.

With the mix of Enterprise Apps moving to the cloud, it makes sense to continue this SSO strategy by Federating with those cloud apps and services.  Organizations maintain control, since employee access to the externally hosted apps is provided via the enterprise account.  If the employee leaves, their access to the cloud app is terminated when their enterprise account is disabled.  The employees don't have to remember another username and password - so life is good.

From the outside in - I am excited about the increasing use of Social Sign-on - or BYOI (Bring your own Identity).  The convenience of single-sign on is extended to customers/users/prospects when organizations enable access to business services using a social ID.  The last thing I want when visiting a website or blog is to create another account.  So using my Google or Twitter ID is a very nice quick way to get access without having to go through a registration process that creates another username/password that I have to try to remember.

The convenience of not having to maintain multiple passwords is obvious, whether you are an employee or customer - and the security benefit of not having lots of passwords to lose or forget is there as well.

Are enterprises allowing employees to use their personal (social) IDs for enterprise apps?  Not yet, but we are moving in the right direction, and we will get there some day.

Monday Oct 14, 2013

CSO Summit Open World

If you attended Open World, you were present for a historic occasion, not only was this the largest Open World, but the Oracle team also won the America's cup against incredible odds. There are a few lessons we can apply to security. Security, like the America's Cup race, is about latency. Since 2007 the boat speeds have gone from 14 mph to 50 mph with greater control and roughly the same number of crew on-board.

Without the technology on-board providing control, these boats would be very difficult to pilot. The mast of the AC72 is as high as a three story building. Yet, despite the large size, these boats almost fly over the water.  Today many businesses face the same challenge, they must grow while maintaining the same level of governance. Security allows companies to accelerate with confidence.

The theme for the CSO Summit was "accelerating with confidence".  With over 18 countries represented across 12 vertical markets, it was truly a world class audience.  Instead of an exclusively security audience, this year the executives came from many lines of business. This reinforces the trend that companies are starting to progressively align security to new business initiatives. For a survey on companies using security as a business enabler see the PWC Global State of Information Survey

SUN2Oracle upgrades and migrations

There are many resources for SUN customers who are interested in upgrading or migrating to Oracle IDM.  And since this is a common request from customers, I wanted to list a few of them here for easy access.

Here are two customer stories that represent both types of upgrade: an incremental upgrade, and a full re-platform

SuperValu represents an incremental upgrade (we call this a co-existance strategy, where both SUN and Oracle IDM are used together).  In this customer case study, a decision was made to incrementally upgrade individual components since the organization had a lot of staff resources that were good with the SUN products.

Customer success story: webcast replay link

In the case of Avea, the decision was made to re-architect a whole new IDM platform foundation due to performance requirements, and new features available in the Oracle products.

Customer Success Story: webcast replay link

SUN DSEE customers that are looking to move to the next generation, highly scalable Oracle Unified Directory can take a look at this webcast replay, where UCLA, and partner Hub City Media moved from a DSEE directory implementation directly to OUD:

SUN2Oracle: Upgrading from DSEE to the next generation Oracle Unified Directory: Webcast replay link

A common problem that customer's have is explaining to their management all of the benefits of upgrading and then building a business case to get the project funded.  In this video, Mike Neuenschwander explains how to build a business case for a SUN2Oracle IDM upgrade.

Finally, in this video, Mike gives advice for how to build a project roadmap to migrate from SUN to Oracle IDM:

Wednesday Oct 09, 2013

Customer Experience and Trust

Every business is looking to take advantage of the new digital experience to connect with customers. This has become the new strategic imperative of companies all around the world. A recent article in the Sloan Management Review provides some insight into the barriers organizations are facing as they embrace the digital transformation.

For many customers, trust is an important barrier to engaging. Ease of use without security and trust is not enough to get customers to participate. For a more detailed analysis or bedtime reading on how the trust deficit reduces business activity, this Wall Street Journal Article on "How the trust deficit is hurting our economy" provides some good evidence. The net is that our level of economic activity is directly related to our level of trust in the institutions we do business with from banks to retail stores online. 

For many organizations, security and trust are the major barriers to enabling customer participation in the digital revolution.  The video below was recently created by the customer experience campaign to highlight how experience is critical to customer loyalty. 

Monday Oct 07, 2013

OpenWorld Recap - CON8808 Amit Jasuja's Identity Management Presentation

CON8808 at OpenWorld 2013 in San Francisco was a big event for the IDM team.  In his presentation, Amit Jasuja talked about how IDM has gone from a set of restrictive controls to a real business enabler.

His session featured 3 live demos.  In the first, he took an iPad from an audience volunteer, downloaded a secure container, and showed how he could access his corporate resources and files on a borrowed device, from a public network.

In the second demo, he showed how an administrator could request privileged access in order to start up a demonstration server.  One of the key points of this demo was that the the person requesting the access never saw the password, but was able to execute the start up command to get the server running.

In the third demo, Amit showed converged Identity Governance; he was able to certify file and application access from the same console.

After each demo, Amit would talk through how each was achieved using Oracle IDM. Although you can't see the demos (since they were live), I have attached his slides.

Sunday Oct 06, 2013

Making Cars More Social: Redefining Identity Management

When you were 16, ( or perhaps still believe you are 16) your car was the enabler to your social life providing you with the freedom and means to explore. Today your car is a platform for your life transporting your family and providing transportation to and from work. The average commute time in the US one way is 25.4 minutes. If you are on the east coast or Washington DC that time is significantly greater. In Sao Paulo Brazil, the average commute time is 43 minutes. So if we assume 1 hour a day for 52 weeks a year we can spend more than 300+ hours in our cars. Most commuters are now using their cars as mobile offices and for social time to connect with colleagues, friends and family. As a baseline the average social media user can spend 6.9 hours per month on social media sites. If your car is social enabled, you can probably double your time on Facebook. 

It is not surprising that manufacturers of automobiles are taking advantage of the social revolution both as a means of providing better service to consumers and as a means of enabling consumers to connect and get more work done. The transformation is across the entire life-cyle of the automobile from innovation to consumer experience. This video provides an info-graphic of the transformation.

This new experience is redefining how we think about Identity Management and security. To connect your cars to the social network, the car needs and identity and each passenger needs an identity on the vehicles they drive. The car personalizes to each driver and becomes a platform for applications which means authorization and authentication across applications. All of this moves passenger and driver context into the foreground for automative designers. The graphic below the new requirements for security when we identity enable a car.

Friday Oct 04, 2013

Oracle OpenWorld 2013: Developing Secure Mobile Applications (CON8902)

As more organizations develop mobile applications that access ever increasing levels of sensitive data, it is critical that standard security policies can be applied, whether coding native, hybrid or mobile browser-based applications. This session, from OpenWord 2013, will teach you how to code your mobile applications to gain access to Oracle's Mobile Access Management services including device registration, authentication, authorization,  step-up authentication and single sign-on. If you missed this, or would like a second opportunity to see this presentation in slide form, join us by checking out "Developing Secure Mobile Applications" today.

Tuesday Oct 01, 2013

The Identity of Everything - CSO Summit Open World

A recent Cisco report estimates by 2020 there will be more than 50 billion devices world wide while the human population will still be under 8 billion people. This short term trend will change the landscape of identity and access management and change the security requirements of enterprises everywhere. While today security executives are concerned with mobile phones and laptops, tomorrow they will be concerned about automobiles, aircraft and projectors on their networks. Each device is a new identity and each user that interacts with the device has a separate context. As a reference, see the paper Identity at Internet Scale Here are some of the new security requirements:

  • Multi-user devices 
  • Dynamic user volumes 
  • User authentication on the device
  • Service availability
  • Encryption of data at rest and in flight
  • Secure container on the device
  • Device authentication
  • User authentication 

The devices themselves will interact very differently since they must now communicate with other devices and humans. Here is a great youtube video that paints a very interesting and perplexing picture of the future.

From the video, a few interesting things happen.

  • The device communication is very personal and follows our social media conventions
  • The devices must trust the people involved in the interaction and people have to trust the devices 
  • The scale of the interaction grows geometrically as more devices and users collaborate

Here are the slides from the recent CSO Summit at Open World. Oracle's approach is a singular platform for all devices that manage device identity and user identity. 

Oracle OpenWorld 2013: Leveraging the Cloud to simplify your Identity Management implementation (CON8836)

Applications moved into a managed cloud environment need Identity and Access Management services to ensure user accounts, passwords and roles are all managed properly for the purposes of Security and Audit.  In this session, we’ll discuss the key considerations for a Hosted Private Cloud deployment of Oracle applications integrated with Oracle Identity Management Suite to provide self-service account provisioning and federated Single Sign-on (SSO) for an organization’s internal and external users. You will also hear from a customer on how their key business requirements were addressed with Managed Identity Services from Oracle running at Oracle. This was one of many of highly attended conference sessions at this year's Oracle OpenWorld 2013.  If you missed this, or would like a second opportunity to see this presentation in slide form, join us by checking out "Leveraging the Cloud to simplify your Identity Management implementation " today.

Oracle OpenWorld 2013: Next Generation Optimized Directory - Oracle Unified Directory (CON9024)

With new computing technologies to transform business, is your underlying directory infrastructure ready to support mobile, cloud and social networking? How can I simplify my directory architecture but deliver high scalability, availability and performance? How to leverage directory to easily make your applications location aware and social relationship aware?  How do I migrate existing directories to OUD? How to optimize OUD performance on T5/ T4 hardware? This was one of many of highly attended conference sessions at this year's Oracle OpenWorld 2013.  If you missed this, or would like a second opportunity to see this presentation in slide form, join us by checking out "Next Generation Optimized Directory" today.


Oracle Identity Management is a complete and integrated next-generation identity management platform that provides breakthrough scalability; enables organizations to achieve rapid compliance with regulatory mandates; secures sensitive applications and data regardless of whether they are hosted on-premise or in a cloud; and reduces operational costs. Oracle Identity Management enables secure user access to resources anytime on any device.


« October 2013 »