Tuesday May 24, 2016

2016 Oracle Cloud Platform Innovation Awards

Are you using Oracle Identity Management to deliver unique business value for your organization or customers?  Then you could be eligible for the 2016 Oracle Cloud Platform Innovation AWARD!

This year's Oracle Cloud Platform Innovation – Excellence Awards are focused on recognizing customers and partners who are leveraging Oracle Cloud Platform in innovative and visionary ways. Winners receive an Oracle Excellence Awards trophy! All nominees receive a complimentary pass to Oracle OpenWorld 2016 in San Francisco and other benefits

Do you believe your organization has done something unique and innovative in the following areas:

  • Application Development & Deployment
  • Integration
  • Mobile
  • Content and Process
  • Security
  • Business Analytics
  • Data Integration and Governance

We'd love to hear from you today! Please submit your nomination in the appropriate category. This year’s nomination process is a little bit different in the sense that the forms are now fully online!

Click here to submit your nomination today – scroll to the bottom of the page and select the appropriate category. The deadline to submit a nomination is June 20th, 2016.

Thursday Apr 21, 2016

Wanted: Outstanding Oracle Security Experts to Speak @OpenWorld 2016

The Oracle OpenWorld 2016 call for proposals is now open. Attendees at the conference are eager to hear from experts on Oracle security and technology. They're looking for insights and improvements they can put to use in their own jobs: exciting innovations, strategies to modernize their business, different or easier ways to implement, unique use cases, lessons learned, the best of best practices.

Oracle OpenWorld in San Francisco

If you've got something special to share with other Oracle Identity Management and Database Security users and technologists, they want to hear from you, and so do we.

Submit your proposal now for this opportunity to present at Oracle OpenWorld, the most important Oracle technology and business conference of the year.

Friday Feb 19, 2016

Next Generation IDaaS: Moving From Tactical to Strategic by Matt Flynn

First generation Identity as a Service (IDaaS) was a fashion statement that’s on its way out. It was cool while it lasted. And it capitalized on some really important business needs. But it attempted to apply a tactical fix to a strategic problem.

We all know by now that the world has changed. The way we secure information assets today barely resembles the approaches of last decade. When I hear security marketers still talking about ‘erosion of the perimeter’, I cringe. The perimeter is long gone. If employees have access to data, it’s already on their mobile devices and it’s being shared via cloud services. Outsiders are in and insiders are out; that debate is long over. But we’re still in the infancy of solving the bigger problem which is addressing the security needs of next generation businesses.

In the early part of the ongoing Digital Transformation, many organizations found themselves scrambling to react to changing business needs. Adoption of SaaS, cloud services, and mobile devices took off so quickly that IT and Security practitioners (who were often left out of buying decisions) faced difficult challenges with regard to maintaining service levels and enforcing security policies.

A new wave of narrowly focused security solutions quickly emerged to address some of the increasing security concerns facing Digital Businesses. Among them, cloud-based Identity and Access Management (IAM) solutions (often referred to as Identity-as-a-Service or IDaaS) emerged to help bridge the gap between increasingly mobile user populations and cloud-based SaaS applications.

In an effort to react quickly, organizations bought into tactical solutions that were designed to serve only one small segment of their target application set. These first generation IDaaS solutions created silos that typically need to be managed separately from the rest of the organization’s enterprise IAM solutions requiring special knowledge and additional ‘care and feeding’. And, making matters worse, these solutions manage access to SaaS applications separately from other enterprise access. This is the situation many organizations find themselves in today.

As these organizations become more digital and incorporate digital thinking into their core business strategies, it’s time to rethink their reactive tactics and to look at longer term requirements and more stable approaches that enable both quick, responsive action and also solid, predictable performance. It’s time to seek out solutions that address the full set of enterprise needs and to tear down the individual silos that have popped up as stop-gap measures. Reactive solutions do well to stop leaks, but they fall short of addressing long-term needs. There are two trends that are currently changing the way organizations approach security for Digital Business and are already impacting IAM buying decisions.

First, convergence is critical. Security functions are coalescing into fewer solutions that cover more ground with less management overhead. Digital Enterprises want more functionality from fewer solutions. The overabundance of attack surfaces and the widespread confusion about how to prioritize and address the variety of threats has left security practitioners wanting more; more simplification, more intelligence, and more visibility.

Second, the basic role of IAM is shifting from one of defense-and-control to one of enablement. Digital businesses can only succeed if they are agile and able to provide the best possible user experience, free of obstacles. In order to manage risk in a more open environment, organizations seek to leverage context and analytics to enable secure interaction between employees, partners, customers, and data. Increased context reduces the reliance on obstacles and enables a more open and fluid user experience. A singular view of a user across legacy, enterprise, mobile, and cloud applications enables greater visibility and an improved ability to respond to compliance mandates.

The next generation of IAM is engineered specifically for Digital Business providing a holistic approach that operates in multiple modes. It adapts to user demands with full awareness of the value of the resources being accessed and the context in which the user is operating. Moving forward, you won’t need different IAM products to address different user populations (like privileged users or partners) and you won’t stand up siloed IDaaS solutions to address subsets of target applications (like SaaS).

The first generation of cloud-based IAM introduced some key enablers for Digital Business that won’t be lost in next-generation IDaaS solutions. The ability to quickly on-board users and applications is critical. The ability to authenticate users wherever they are, understand context, and facilitate access quickly and easily will continue to be a core function of next-gen IAM. But, IAM buyers can no longer think in terms of IAM silos for subsets of users or subsets of target applications. That approach is unable to answer enterprise-wide questions, to enforce enterprise-wide policies, or to enable enterprise-class governance. It will, in short, leave you wanting more.

Next generation IDaaS builds on all the promises of cloud computing but positions itself strategically as a component of a broader, more holistic IAM strategy. Next-gen IDaaS fully supports the most demanding Digital Business requirements. It’s not a stop-gap and it’s not a fashion statement. It’s an approach enabling a new generation of businesses that will take us all further than we could have imagined. I look forward to enjoying the ride.

Friday Jan 08, 2016

The Digital Passport to Identity - by Greg Jensen

During Christmas, I was amazed at the sheer number of risks I was potentially exposing my family to with each electronic gift.  Would my generosity turn to unwelcomed cyber hack or privacy infringement with the “smart” TV application store and registration process? Or maybe the game console with its online network requiring activation?  Would it be my son’s wearable device with dozens of new applications, each with direct access to his personalized identity and health data?  Unfortunately, it’s all of the above.  At least my daughter didn’t get the Wi-Fi connected doll.

This holiday season was exciting and fearful at the same time, but this issue of identities isn’t limited to consumers, it extends to the enterprise as organizations manage their employees, contractors and partners alike. 

As I type this, I am wrapping up the day, working from my tablet at my son’s hockey practice while sipping coffee from the local coffee stand. All made possible with applications securely available from the cloud, accessible over secure connections from public wireless networks.  The office is no longer contained by four walls of the enterprise.  It can be the local coffee shop, a quiet park, or anywhere that provides a new perspective on ideas and creative thinking.  The walls of the traditional office are gone, and today’s network resembles something like a block of Swiss cheese with porous perimeters. The holes created are for extending content and information in a boundary-less world that favors mobile devices and cloud services. 

Today, identity management platforms resemble more of an enablement platform for the digital business where digital identities represent our passport into this world. It binds us to our cloud-based collaborative applications for sharing ideas and content. It opens up a whole new world of information as partners, customers, and colleagues are taking advantage of digital business to create new products, leapfrog the competition and serendipitously innovate.  Without digital identity, we resort to a high risk posture that needs to verify I am who I say I am, and none of this would be possible.  

This has led many users to social sign-on in order to make things easier during the authentication and authorization process. Digital identity is opening new doors for users young and old and we are really at the beginning.

Looking back 25 years ago, it was common for the average user to have only a few identities to manage.  Today, my tech savvy kids for example have close to 25 identities each, all before the age of 18.  According to researchers at Sophos, the average UK resident has no fewer than 19 passwords and 1 out of 3 are not secure.   

Within this landscape, how does business keep up with the growing rate at that our employees and customers scale?  A small business may only need to manage a handful of employee identities; however, they may have 2 million+ subscribers to their cloud service.  Even small organizations can have a complex identity management challenge. 

This is bringing about increased demands and requirements from customers to be able to have one solution for managing one set of user identities across on-premise applications and cloud services.  With increases in complexity come new business requirements such as support for hybrid-cloud architectures, as well as the ability to deliver in a more open, agile and scalable architecture.  All of this with an eye on helping organizations with being better enabled with the digital transformation needs they will face to remain competitive. 

For more information on how Oracle is addressing the issue of the digital passport and managing identity on-prem and in the cloud, visit us at Oracle.com/OracleIdM or The Economist report “The Economics of Digital Identity” sponsored by Oracle.

Tuesday Oct 27, 2015

Ensuring You Don’t Become the Next Data Breach Story (Part 1) - Simeio Solutions

Recent headline Cyber Crimes at major retailers, health insurers, and even US Government agencies suggest that those involved were not necessarily performed by criminal masterminds, but rather by individuals that at one time had been properly credentialed to access systems or by individuals that were simply exploring open doors to identify vulnerabilities,. As information technology moves further toward the cloud to provide services, we will start to see more security breaches on a greater scale than ever before.

The hack at Ashley Madison has captured the attention of the media on several continents. And it is of no surprise that the former CEO suggested that the hacking incident may have started with someone who at least at one time had legitimate, inside access to the company’s networks — such as a former employee or contractor. In another instance of data theft from a health insurer, it was determined that critical data and records were not properly encrypted leading to the theft of millions of records of personally identifiable information.

As per "The Federal Trade Commission", Identity theft was once again the number one complaint from Americans this year.

Oracle’s Defense-in-Depth strategy and solutions offered as part of the Oracle Identity Management suite of products can prevent the cyber breaches that we are becoming so accustomed to see on the nightly news.

Today’s blog will focus on a few specific capabilities of Oracle Identity Governance (OIG) and show how they can be used to protect against certain types of common exploits.

1. Privileged/Shared Accounts – Keys to the Kingdom.

Privileged and shared accounts unfortunately exist within every organization - designed at a time when security was an afterthought if even thought of at all. How does one prevent or limit privileged accounts like DB Admins from performing malicious actions when compromised? OIG provides session management and auditing capabilities which become the single point to control and monitor activities within privileged sessions. OIG will provide notification alerts on account checkout. You can also define the life of a session and limit the usage of commands.

2. User life cycle management – Role Appropriate Access and Removal of Orphaned Accounts

OIG allows for attribute based role management for application and administrator roles. One can define custom, fine-grained Admin roles. For new user on-boarding, privileges are based on roles, business rules and requests. We can also define sunrise and sunset of application and entitlements which limits the access of users such as contractors or temporary employees for defined time periods. Normal termination based on end date and immediate termination helps to remove privileges and accesses across all target systems. Simply, an individual should only have access and entitlements within and across applications to be effective at their job, and should lose access when they no longer have a business need.

3. Enforceable Password Policies – Start with the basics

Hard-coded passwords, weak/common passwords, and infrequently rotated passwords are at the center of some of the most commonly exploited attacks on organizations. OIG protects privileged/shared accounts with passwords that are mathematically infeasible to ever guess or break and can rotate them on a regular basis. Likewise, password policies can be set for all protected resources requiring individuals to use complex passwords and require regular password changing – making it impossible for an attacker to simply guess the right key to get them through the front door.

4. Protect and Audit

OIG provides the tools to protect privileged accounts. Checking credentials in and out, also allows us to keep track of who has been using these shared accounts. OIG goes one step further, and allows us to monitor specific session activities – capturing and recording user activities as an MPEG video.

Beyond privileged and shared accounts, OIG has powerful certification capabilities - whereby users, managers, and respective application owners can validate and check the accesses of individuals and their specific entitlements. Segregation of Duties (SOD) analysis is efficient and preventative, warning users about potential violations before even the submission of a request.

5. Encrypt the Data – If it cannot be read, it is useless.

There are many rules and regulations mandating encryption and it makes for sound advice regardless. For example, if you have to comply with the PCI-DSS standard, then credit card numbers need to be stored encrypted. OIG allows for encryption of critical attributes of applications – whether that might be credit card information, social security numbers, or other HR data. Additionally, while outside the core scope of this blog series, tools such as Oracle Advanced Security carries out strong encryption of databases to fully protect sensitive information whether at rest or in transit.

Cyber crime has a devastating economic impact on society and at the individual company level can cause reputation and punitive damage from which an organization might never recover. OIG is a vital information safeguard. It exists to protect sensitive data and information from the ever-evolving landscape of security threats. Regardless of the position that a company takes on the extent or viability of such threats, a strong OIG implementation helps to mitigate the risks of cyber crimes.

What's coming next?

Future blogs in this series will discuss in greater depth how the Oracle Identity Management solutions can prevent your organization from being the next front-page exploit.

For more information on how Simeio Solutions can help you with reducing exposure to data breach with Oracle technologies, please visit them at www.simeiosolutions.com

Wednesday Oct 01, 2014

Thursday October 2nd: Identity Management at Oracle OpenWorld '14

Join us at Oracle OpenWorld 2014 and find out how and why our customers and partners around the world, spanning nearly every industry, continue to choose Oracle Identity Management to provide seamless and secure access to nearly any application from any device, to identify and automate who has access to what and to provide a common view of the user across multiple channels.

Below you'll find a list of the Identity Management Sessions at Oracle OpenWorld 2014 for Thursday, October 2nd, by order of date and time, to help you as you plan your week. Click on each to find out more information and don't forget to register for those you want to attend as sessions can and do fill out.

Conference Sessions

Managing Telenet’s Identities in Practice
Bart Cools, Partner, Cronos NV
Mark Van Tiggel, Team Manager ERP, Telenet NV
9:30 AM - 10:15 AM Moscone West - 3020 CON3995

There and Back Again: Journey to a Successful Deployment
Alex Bolante, Managing Director, Accenture
Viresh Garg, Director, PwC
Andrew Morrison, Partner / Principal, Deloitte & Touche LLP
Aaron Perry, President, Aptec LLC
Matthew Berzinski, Principle Product Manager, Oracle
12:00 PM - 12:45 PM Moscone West - 3020 CON8025

Self-Service Access Control: Help Yourself to More Productivity
Patrick Landry, IT Technical Director, USAA
David Mathias, Information Security Manager - Product Management, US Bank
Atul Goyal, Product Manager, Oracle
Volker Scheuber, Principal Sales Engineer, Oracle
1:15 PM - 2:00 PM Moscone West - 3018 CON8007

Architecting a Complete Access Solution for the Cloud Economy
Bernard Diwakar, Security & IAM Architect, Intuit
Marc Chanliau, Director, Product Management, Oracle
1:15 PM - 2:00 PM Moscone West - 3020 CON7975

Shake, Rattle, and Roll: Managing Large-Scale Identity Management Deployments
Gebhard Herget, Architect, Bundesagentur für Arbeit
Perren Walker, Senior Principal Product Manager, Oracle
2:30 PM - 3:15 PM Moscone West - 3020 CON8045

To maximize your attendance at Oracle OpenWorld 2014, running in San Francisco, CA from September 28th to October 2nd, be sure to review the complete listing of Oracle Identity Management Sessions and Demos.

The Schedule Builder is an invaluable tool to use when plan your visit to the conference. Be sure to pre-enroll in sessions of your interest as rooms can fill up. You can search identity management sessions using the term “identity+management” in the Content Catalog.

Identity Management executives and experts will be readily available for discussions and follow ups. Don’t forget to catch live demonstrations of our complete Oracle Identity Management solutions set while at OpenWorld.

Before and during, follow the conversation about Oracle OpenWorld 2014 on Twitter with #oow14 and, as always, engage with us @oracleidm and follow the Identity Managment blog. We hope to see you there!

Tuesday Sep 30, 2014

Wednesday October 1st: Identity Management at Oracle OpenWorld 2014

Join us at Oracle OpenWorld 2014 and find out how and why our customers and partners around the world, spanning nearly every industry, continue to choose Oracle Identity Management to provide seamless and secure access to nearly any application from any device, to identify and automate who has access to what and to provide a common view of the user across multiple channels.

Below you'll find a list of the Identity Management Sessions at Oracle OpenWorld 2014 for Wednesday, October 1st, by order of date and time, to help you as you plan your week. Click on each to find out more information and don't forget to register for those you want to attend as sessions can and do fill out.

Conference Sessions

Customer Success Stories: How to Eliminate the Blind Spots in Enterprise Risk
Angelo Cascio, SVP, Head of Identity and Access Management, Jefferies
Rich Flees, Staff Manager IT, Qualcomm, inc
Bob Jamieson Jamieson, Information Security Director, UL LLC
Neil Gandhi, Principal Product Manager, Oracle
10:15 AM - 11:00 AM Moscone West - 3020 CON7991

Modern Identity Management: Upgrading to Meet Requirements of the Digital Economy
Sherry Gray, Identity & Access Functional Analyst, ICBC
Judy Hatchett, Best Buy
Stacy Knoup, Asst Dir-IT, Principal Financial Group
Matthew Berzinski, Principle Product Manager, Oracle
11:30 AM - 12:15 PM Moscone West - 3020 CON8023

Securely Extend Applications to Mobile Devices: Developing a Mobile Architecture
Dawn Johnson, Director, IDM, First National of Omaha
RAKESH Meena, Security Architect, Aurionpro Solutions, Inc.
Kanishk Mahajan, Principal Product Manager, Oracle
12:45 PM - 1:30 PM Moscone West - 3020 CON7994

Beyond Brute Force: Strategies for Securely Leveraging Mobile Devices
Bob Beach, Security Technologies Strategist, Chevron Information Technology
Rajesh Pakkath, Senior Principal Product Manager, Oracle
Andy Smith, Sr Dir of Product Management, Oracle
3:30 PM - 4:15 PM Moscone West - 3020 CON7973

Trust but Verify: Best Practices for Monitoring Privileged Users
Chirag Andani, VP, Identity Access Management PDIT, Oracle
Olaf Stullich, Principal Product Manager, Oracle
Arun Theebaprakasam, PMTS, Oracle
4:45 PM - 5:30 PM Moscone West - 3020 CON8005

To maximize your attendance at Oracle OpenWorld 2014, running in San Francisco, CA from September 28th to October 2nd, be sure to review the complete listing of Oracle Identity Management Sessions and Demos.

The Schedule Builder is an invaluable tool to use when plan your visit to the conference. Be sure to pre-enroll in sessions of your interest as rooms can fill up. You can search identity management sessions using the term “identity+management” in the Content Catalog.

Identity Management executives and experts will be readily available for discussions and follow ups. Don’t forget to catch live demonstrations of our complete Oracle Identity Management solutions set while at OpenWorld.

Before and during, follow the conversation about Oracle OpenWorld 2014 on Twitter with #oow14 and, as always, engage with us @oracleidm and follow the Identity Managment blog. We hope to see you there!

Monday Sep 29, 2014

Tuesday: Identity Management at Oracle OpenWorld '14

Join us at Oracle OpenWorld 2014 and find out how and why our customers and partners around the world, spanning nearly every industry, continue to choose Oracle Identity Management to provide seamless and secure access to nearly any application from any device, to identify and automate who has access to what and to provide a common view of the user across multiple channels.

Below you'll find a list of the Identity Management Sessions at Oracle OpenWorld 2014 for Tuesday, September 30th, by order of date and time, to help you as you plan your week. Click on each to find out more information and don't forget to register for those you want to attend as sessions can and do fill out.

Conference Sessions

Securing the New Perimeter: Strategies for Mobile Application Security
Josh Bregman, VP Solutions, Aurionpro Solutions, Inc
Thai Thai, Infrastructure Solution Architect, Safeway Inc
Andy Smith, Sr Dir of Product Management, Oracle
10:45 AM - 11:30 AM Moscone West - 3020 CON7993

Identity as a Service: Extend Enterprise Controls and Identity to the Cloud
Sanjeev Topiwala, Group Manager, Intuit
Roger Wigenstam, Sr. Director, Product Management, Oracle Identity & Access Management, Oracle
3:45 PM - 4:30 PM Moscone West - 3020 CON8040

The Age of Megavolume: Oracle’s Next-Generation Directory and Future Strategy
Rafik Alsawalhy, Manager, City of Los Angeles
Jerome Cartagena, Staff IT Engineer, Qualcomm, Inc.
Etienne Remillon, Senior Principal Product Manager, Oracle
5:00 PM - 5:45 PM Moscone West - 3018 CON8043

Identity Services in the New GM
Andrew Cameron, Enterprise Architect, Identity Management, GENERAL MOTORS
Susie Godfrey, Directory & Platform Services Manager, GM
5:00 PM - 5:45 PM Moscone West - 3020 CON2007

To maximize your attendance at Oracle OpenWorld 2014, running in San Francisco, CA from September 28th to October 2nd, be sure to review the complete listing of Oracle Identity Management Sessions and Demos.

The Schedule Builder is an invaluable tool to use when plan your visit to the conference. Be sure to pre-enroll in sessions of your interest as rooms can fill up. You can search identity management sessions using the term “identity+management” in the Content Catalog.

Identity Management executives and experts will be readily available for discussions and follow ups. Don’t forget to catch live demonstrations of our complete Oracle Identity Management solutions set while at OpenWorld.

Before and during, follow the conversation about Oracle OpenWorld 2014 on Twitter with #oow14 and, as always, engage with us @oracleidm and follow the Identity Managment blog. We hope to see you there!

Tuesday Oct 01, 2013

Oracle OpenWorld 2013: Leveraging the Cloud to simplify your Identity Management implementation (CON8836)

Applications moved into a managed cloud environment need Identity and Access Management services to ensure user accounts, passwords and roles are all managed properly for the purposes of Security and Audit.  In this session, we’ll discuss the key considerations for a Hosted Private Cloud deployment of Oracle applications integrated with Oracle Identity Management Suite to provide self-service account provisioning and federated Single Sign-on (SSO) for an organization’s internal and external users. You will also hear from a customer on how their key business requirements were addressed with Managed Identity Services from Oracle running at Oracle. This was one of many of highly attended conference sessions at this year's Oracle OpenWorld 2013.  If you missed this, or would like a second opportunity to see this presentation in slide form, join us by checking out "Leveraging the Cloud to simplify your Identity Management implementation " today.

Wednesday Jun 05, 2013

The Cloud-based IAM Revolution by Paul Dhanjal (Simeio Blog Series - Ch1)

One of the most significant advancements in IT in the last few years has been the shift to cloud-based Identity and Access Management (IAM). While the word “revolution” is all-too-often used in IT, arguably it’s the right word to describe the transformation that the cloud brings to identity.

Over the next four weeks, we’ll delve into the details of this revolution, including a look at its impact on how you’ll do business, why change is needed, and what you’ll need to know to make the transition. Let’s get started by looking at the business drivers.

In just a few short years, cloud-based IAM has matured from simple portals offering single sign-on for a handful of Software-as-a-Service (SaaS) applications to sophisticated, comprehensive solutions that integrate seamlessly with virtually any directory service and application – on-premise, legacy or SaaS. They provide automated workflows for user access request submission and review, provisioning and attestation. They enable federation. And they simplify compliance with regulatory mandates.

The cloud model itself comes in a variety of flavors that provide enough flexibility to meet almost any organization’s needs, from public clouds that dramatically lower TCO through multi-tenancy to private clouds that can meet even the most stringent security and control requirements.

The drivers behind this revolution will be familiar to any CXO.

First, CXOs are facing increased pressure to reduce cost and complexity. They’re expected to follow the popular business school advice to “stick to the knitting”: focus exclusively on the core business and jettison everything else. IAM is squarely in the cross hairs, a tempting target for organizations looking to outsource services that don’t offer a clear and direct competitive advantage.

At the same time, IT is now expected to be a business enabler – to help grow the business, not just support it. This requires IT to be more flexible and nimble to meet ever-changing business demands, including the ability to quickly and easily provide employees, partners and customers with secure and role-appropriate access to a rapidly growing and evolving set of information, applications and other online resources.

User expectations, too, are rising rapidly. As users become accustomed to using more and more services online from filing their taxes to sharing their photos, they now expect the convenience of moving seamlessly between multiple services using a single set of credentials – their Facebook or Google accounts, for example.

Add to the mix the growing security, compliance and regulatory mandates tied to identity, and the challenge can seem insurmountable.

Thankfully, the cloud has offered us a clear path forward. The benefits are just as clear.

First, the cloud delivers on the promise of outsourcing: reducing capital strain and freeing the business to focus on its core competencies. It eliminates the large investment required to stand up an IAM infrastructure: the hardware costs, in many cases the software licenses, and all the configurations and integrations in between. It eliminates ongoing maintenance and upgrade costs, too.

Many cloud-based IAM solutions offer on-demand services with pay-as-you-go pricing – you get and pay for the capability when and only when you need it. They also significantly reduce operational costs so that companies have the benefit of automated IAM without the costs of implementing and maintaining an in-house IAM infrastructure.

In addition to the rise of secure and reliable ISO 27001 compliant data centers and complete, enterprise-ready solutions such as Oracle Cloud Computing, standards-based protocols have dramatically reduced the risk of making the leap to cloud-based IAM. As the saying goes, “the nice thing about standards is that there are so many to choose from.” While many of the first cloud-based IAM solutions seemed to add more to the list, today we’re seeing a real convergence toward a small set of widely adopted standards that have made implementation and integration remarkably easy, including REST-based APIs, OAuth, SAML and OpenID Connect.

While some dive in headlong, many dip their toe in the water with quick-win implementations – to address rising costs for password management by offering self-service, for example – and then progress through provisioning into a handful of core identity systems, synchronization of passwords between authoritative system, etc. This approach often allows the organization time to see that identity can be leveraged as a service for other business needs.

A large financial institution, for example, mandated that all its lines of business use a centralized in-house identity governance solution, then charged each LOB to use the service. This could be done only with a service approach to identity, which became possible once the beachhead of self-service password management had been established.

In our next post, we’ll explore the reasons why organizations must make the transition to new, cloud-based IAM models if they hope to compete in a world where business has moved online. For more information on the services and offerings at Simeio Solutions, you can learn more by going to www.simeiosolutions.com


Monday Mar 25, 2013

Security Newsletter, March edition – Q&A with the Commissioner, IDM goes Underground

The March edition of the Security Inside Out Newsletter is now out. This edition puts a spotlight on Privacy and features a Q&A session with a well known privacy expert, and showcases relevant resources.

With businesses relying more than ever on online channels to manage, build and grow their customer interactions, issues around security, privacy and compliance have taken center stage more so than ever before. Last week, we talked about the role security plays in enabling the new digital experience and in connecting organizations to social, mobile and cloud. This week we will talk about Privacy.

Dr. Ann Cavoukian is Ontario’s Commissioner of Information and Privacy and one of the world’s leading experts on Privacy. The March edition of the newsletter features a Q&A with the Commissioner where she delved into the role technology can play in protecting and managing privacy, and discussed her mantra Privacy by Design. We encourage you to read the feature and download the whitepaper that discusses Privacy and Security by Design: A Convergence of Paradigms. The feature serves as good background for a conversation on Privacy that we will have on our blog this week leading up to the twitter conversation with the Commissioner next week (on April 4th).

Yes, a twitter conversation! The Commissioner has agreed to participate in a live twitter chat to discuss Privacy and respond to industry questions - recent news, private sector responsibility, the work required, industry standards, the importance of Privacy by Design, and much more. The live conversation will take place on twitter on Thursday, April 4th at 10 am PDT / 1 pm EDT. Please participate using #PrivQA. And if you have questions, comments or feedback for the Commissioner you can send those before or during the event using #PrivQA. Questions before the event can be sent to @OracleIDM using #PrivQA.

The newsletter also showcases Virgin Media’s implementation of Identity Management to enable secure wi-fi services in the London Underground. The project started just before the London Olympics 2012, realized a tremendous success and has evolved in scope since. Do read the interesting feature and register for an upcoming webcast with Virgin Media this Thursday, March 28 at 10 am PDT. Since Virgin Media, Oracle and implementation experts from aurionPro SENA will all be at hand to answer questions, be sure to stay on for the live Q&A bit towards the end.

And, as always, the newsletter captures both recent and upcoming Security and Identity Management events, conferences, training, industry reports, news and more. So, if you haven’t done so, we recommend you subscribe to the Security Inside Out Newsletter today.

We’d love to hear from you. Let us know some topics you’d like to see covered in the upcoming editions. Or just let us know how we are doing. We look forward to hearing from you.

Friday Mar 22, 2013

New Oracle Security Facebook Page Launches

This week we mostly talked about how you can leverage security to unlock potential opportunities and grow your business via social, mobile and cloud. Catch the brief screencast and download the complimentary whitepaper in case you missed those earlier.

And, as we wrap up the week, some good news for Security and IT professionals interested in hearing more from Oracle Security professionals. We’re creating a new community on Facebook for Security professionals worldwide.  Via the Oracle Security Facebook page, we’d share the latest updates on all things Security – discuss industry and Oracle Security news, announce Oracle events, build community thought leadership, share customer success stories, and announce exclusive offers. Most of all, we will look to engage with you so that together we continue to grow the Security community and add value. This page will complement our existing Identity Management Facebook page.  

Watch this ~30 second video featuring my colleague, Troy Kitch, as he summarizes the goals of this new page, and connect with us on Facebook by liking the page. See you on Facebook! And wishing you the very best for the weekend!

Monday Mar 18, 2013

Do You Trust Social, Mobile and Cloud?

The last decade or so there has been a complete transformation in the way we work or how we consume information. Work is no longer about geography, it is an activity. “Company resources” are not just servers and systems in your server room, these could be in a data center, in the cloud or even the employees’ smart phones, iPads, tablets and more. Users of these “company resources” could be employees with physical badges, vendors, partners or customers connecting through the social media channels as Facebook, Twitter or Pinterest. Work can happen anywhere, via any device, through any network (intranet/social media channels/internet) leveraging company resources.

And why are organizations adapting this “work anywhere, anytime” model? The reasons are plenty - to improve efficiency, bring agility, build user productivity, offer seamless user experience to its customers or to simply establish a trust relationship with the customer. Social, Mobile and Cloud (SoMoClo) together is a business opportunity, a competitive advantage that organizations are seeking. And Security is the lynchpin in this new work order. Without a secure, seamless digital experience, it all falls apart.

With each new experience, the security risk increases. Each channel presents its own security points of failure. How can my company enable social trust as a means of connecting to customers & employees? How do I accommodate dynamic workgroups and teams of people around the globe that need to be part of my value chain? Is the Bring Your Own Device (BYOD) threatening the security of my digital and intellectual property? How can I securely connect mobile devices to my enterprise without compromising security? Are my applications secure enough to be cloud ready?

The security solution, thus, needs to scale and span across all the channels, encompass the growing breadth of both the “company resources” and the user population. The solution needs to provide the foundation (a platform) that feeds uniform security policies and extends identity context to the complete digital experience.

Naresh Persaud, Director, Security and Identity Management at Oracle, discusses the IT transformation driven by SoMoClo and underscores the need for a sound security solution. Catch this brief screencast on Securing the New Digital Experience to learn how the latest advances in Oracle Identity Management and Oracle Fusion Middleware solutions are fueling the transformation that is driving innovation in IT today.

For more information on Oracle Identity Management, visit us or join the conversation on our blog, Facebook page or catch us on Twitter.

Friday Dec 21, 2012

Webcast Replay: Securing the Cloud for Public Sector

[Read More]

Tuesday Dec 11, 2012

Webcast Tomorrow: Securing the Cloud for Public Sector

Oracle Corporation
Securing the Cloud for Public Sector

Click here, to register for the live webcast.

Dec 12 For 360 Degree View of Security in the Cloud

Cloud computing offers government organizations tremendous potential to enhance public value by helping organizations increase operational efficiency and improve service delivery. However, as organizations pursue cloud adoption to achieve the anticipated benefits a common set of questions have surfaced. “Is the cloud secure? Are all clouds equal with respect to security and compliance? Is our data safe in the cloud?”

Join us December 12th for a webcast as part of the “Secure Government Training Series” to get answers to your pressing cloud security questions and learn how to best secure your cloud environments. You will learn about a comprehensive set of security tools designed to protect every layer of an organization’s cloud architecture, from application to disk, while ensuring high levels of compliance, risk avoidance, and lower costs.

Discover how to control and monitor access, secure sensitive data, and address regulatory compliance across cloud environments by:

  • providing strong authentication, data encryption, and (privileged) user access control to ensure that information is only accessible to those who need it
  • mitigating threats across your databases and applications
  • protecting applications and information – no matter where it is – at rest, in use and in transit

For more information, access the Secure Government Resource Center or to speak with an Oracle representative, please call1.800.ORACLE1.

LIVE Webcast
Securing the Cloud for Public Sector

December 12, 2012

2:00 p.m. ET
Visit the Secure Government Resource Center

Click here for information on enterprise security solutions that help government safeguard information, resources and networks.


Visit the Secure Government Resource Center
Hardware and Software Engineered to Work Together
Copyright © 2012, Oracle. All rights reserved. Contact Us | Legal Notices | Privacy Statement

Thursday Oct 11, 2012

Guest Blog: Secure your applications based on your business model, not your application architecture, by Yaldah Hakim

Today’s businesses are looking for new ways to engage their customers, embrace mobile applications, while staying in compliance, improving security and driving down costs.  For many, the solution to that problem is to host their applications with a Cloud Services provider, but concerns that a hosted application will be less secure continue to cause doubt.

Oracle is recognized by Gartner as a leader in the User Provisioning and Identity and Access Governance magic quadrants, and has helped thousands of companies worldwide to secure their enterprise applications and identities.  Now those same world class IDM capabilities are available as a managed service, both for enterprise applications, as well has Oracle hosted applications.

--- Listen to our IDM in the cloud podcast to hear Yvonne Wilson, Director of the IDM Practice in Cloud Service, explain how Oracle Managed Services provides IDM as a service ---

Selecting OracleManaged Cloud Services to deploy and manage Oracle Identity Management Services is a smart business decision for a variety of reasons.

Oracle hosted Identity Management infrastructure is deployed securely, resilient to failures, and supported by Oracle experts. In addition, Oracle  Managed Cloud Services monitors customer solutions from several perspectives to ensure they continue to work smoothly over time. Customers gain the benefit of Oracle Identity Management expertise to achieve predictable and effective results for their organization.

Customers can select Oracle to host and manage any number of Oracle IDM products as a service as well as other Oracle’s security products, providing a flexible, cost effective alternative to onsite hardware and software costs.

Security is a major concern for all organizations- making it increasingly important to partner with a company like Oracle to ensure consistency and a layered approach to security and compliance when selecting a cloud provider.  Oracle Cloud Service makes this possible for our customers by taking away the headache and complexity of managing Identity management infrastructure and other security solutions.

For more information:



Facebook - http://www.facebook.com/OracleCloudComputing

Tuesday Oct 02, 2012

News from OpenWorld: Innovation Across Fusion Middleware Product Portfolio

Oracle today announced that it continues to drive innovation across its Oracle Fusion Middleware product suite and extend industry’s #1 business innovation platform for the enterprise and the cloud.  

Innovations across Oracle Fusion Middleware product portfolio help customers and partners to innovate, cut costs, and reduce complexity. Oracle Fusion Middleware components include  Oracle SOA Suite, Oracle WebLogic Server, Oracle WebCenter, Oracle Business Intelligence, Oracle Identity Management and Oracle Data Integration.

Additional Resources:

Press Release: Oracle announces Identity Management 11g Release 2

Press Release: Oracle announces Oracle Identity Governance Suite

Press Release: Oracle announces Oracle Privileged Account Manager

Website: Oracle Identity Management

On-Demand webcast: Identity Management 11gR2 Launch

Oracle Magazine: Security on the Move

OOW2012 Session: Identity Management and the Cloud

Cloud architecture and the agility and cost savings it provides are compelling reasons for companies to consider this alternative deployment option.  However, concerns about security keep customers from making the investment.

If you are at Oracle Openworld 2012, please join us for a discussion about IDM and the Cloud - Wednesday,  October 3 @ 1:15 pm - 2:15 pm in Moscone West 3008.

Mike Neuenschwander and Melody Liu from Oracle will host special guests John Houston from UPMC, Tim Patterson from CONAGRA Foods Inc., and John Hill from SaskTel as they discuss how customers are addressing security and identity issues in the cloud.

Click the link for a full session description: session description

Tuesday at OpenWorld: Identity Management

At Oracle OpenWorld? From keynotes, general sessions to product deep dives and executive events, this Tuesday is full of informational, educational and networking opportunities for you.

Here’s a quick run-down of what’s happening today:

Tuesday, October 2, 2012

KEYNOTE: The Oracle Cloud: Oracle’s Cloud Platform and Applications Strategy
8:00 a.m. – 9:45 a.m., Moscone North, Hall D

Leading customers will join Oracle Executive Vice President Thomas Kurian to discuss how Oracle’s innovative cloud solutions are transforming how they manage their business, excite and retain their employees, and deliver great customer experiences through Oracle Cloud.

GENERAL SESSION: Oracle Fusion Middleware Strategies Driving Business Innovation
10:15 a.m. – 11:15 a.m., Moscone North - Hall D

Join Hasan Rizvi, Executive Vice President of Product in this strategy and roadmap session to hear how developers leverage new innovations in their applications and customers achieve their business innovation goals with Oracle Fusion Middleware.

CON9437: Mobile Access Management
10:15 a.m. – 11:15 a.m., Moscone West 3022

The session will feature Identity Management evangelists from companies like Intuit, NetApp and Toyota to discuss how to extend your existing identity management infrastructure and policies to securely and seamlessly enable mobile user access.

CON9162: Oracle Fusion Middleware: Meet This Year's Most Impressive Customer Projects
11:45 a.m. – 12:45 a.m., Moscone West, 3001

Hear from the winners of the 2012 Oracle Fusion Middleware Innovation Awards and see which customers are taking home a trophy for the 2012 Oracle Fusion Middleware Innovation Award.  Read more about the Innovation Awards here.

CON9491: Enhancing the End-User Experience with Oracle Identity Governance applications
11:45 a.m. – 12:45 p.m., Moscone West 3008

Join experts from Visa and Oracle as they explore how Oracle Identity Governance solutions deliver complete identity administration and governance solutions with support for emerging requirements like cloud identities and mobile devices.

CON9447: Enabling Access for Hundreds of Millions of Users
1:15 p.m. – 2:15 p.m., Moscone West 3008

Dealing with scale problems? Looking to address identity management requirements with million or so users in mind? Then take note of Cisco’s implementation. Join this session to hear first-hand how Cisco tackled identity management and scaled their implementation to bolster security and enforce compliance.

CON9465: Next Generation Directory – Oracle Unified Directory
5:00 p.m. – 6:00 p.m., Moscone West 3008

Get the 360 degrees perspective from a solution provider, implementation services partner and the customer in this session to learn how the latest Oracle Unified Directory solutions can help you build a directory infrastructure that is optimized to support cloud, mobile and social networking and yet deliver on scale and performance.


Executive Edge @ OpenWorld: Chief Security Officer (CSO) Summit
10:00 a.m. – 3:00 p.m.

If you are attending the Executive Edge at Open World, be sure to check out the sessions at the Chief Security Officer Summit. Former Sr. Counsel for the National Security Agency, Joel Brenner, will be speaking about his new book "America the Vulnerable". In addition, PWC will present a panel discussion on "Crisis Management to Business Advantage: Security Leadership". See below for the complete agenda.


And don’t forget to see Oracle identity Management solutions in action at Oracle OpenWorld DEMOgrounds.




Access Management: Complete and Scalable Access Management

Moscone South, Right - S-218

Monday, October 1
9:30 a.m.–6:00 p.m.
9:30 a.m.–10:45 a.m. (Dedicated Hours)

Tuesday, October 2
9:45 a.m.–6:00 p.m.
2:15 p.m.–2:45 p.m. (Dedicated Hours)

Wednesday, October 3
9:45 a.m.–4:00 p.m.
2:15 p.m.–3:30 p.m. (Dedicated Hours)

Access Management: Federating and Leveraging Social Identities

Moscone South, Right - S-220

Access Management: Mobile Access Management

Moscone South, Right - S-219

Access Management: Real-Time Authorizations

Moscone South, Right - S-217

Access Management: Secure SOA and Web Services Security

Moscone South, Right - S-223

Identity Governance: Modern Administration and Tooling

Moscone South, Right - S-210

Identity Management Monitoring with Oracle Enterprise Manager

Moscone South, Right - S-212

Oracle Directory Services Plus: Performant, Cloud-Ready

Moscone South, Right - S-222

Oracle Identity Management: Closed-Loop Access Certification

Moscone South, Right - S-221

For a complete listing, keep the Focus on Identity Management document handy. And don’t forget to converse with us while at OpenWorld @oracleidm. We look forward to hearing from you.

Thursday Jul 19, 2012

Announcing Oracle Identity Management 11gR2: New features for mobile, social & cloud, and new Privileged Account Management.

Today Oracle announces a major new release of its Identity Management offering, and with it comes some very cool new features.

A lot of features in this release are focused on extending Oracle’s expertise in security and IDM to mobile applications, social identities, and cloud applications. New features support native mobile security and single sign-on, social sign-on: to allow customers to log into a website with their social identities, and improved security and integration for cloud applications.

Big improvements have also been made to the self service access request UI to make it more business user friendly, including plain English searching to request application access and roles, and shopping cart style check-out. Automated confirmations and workflows allow business users to get updates and check the status of their requests. In addition, extensive customization is now possible to allow companies to completely control the look and feel of these pages.

More details on the new release here: http://www.oracle.com/us/corporate/press/1708069

Also introduced in this release: Oracle Privileged Account Manager (OPAM) is a whole new set of functionality focused on managing administrative passwords for applications, databases and operating systems. Although it can operate as a stand-alone application, the real value comes from its integration with other IDM components: such as self service password request UI and automated workflow approvals via Oracle Identity Manager, and detailed historical reporting via Oracle’s BI tools.

More details on OPAM here: http://www.oracle.com/us/corporate/press/1707986

Listen to the launch webcast and hear Amit Jasuja and Hassan Rizvi talk about the new features and business value here: http://bit.ly/LYWOB9

Tuesday Jan 17, 2012

Followup From Webcast: Preventing Fraud in The Cloud

Thanks to all who joined our webcast today on preventing fraud in the cloud. If you missed the webcast, you can catch the on-demand recording here. If Identity in the cloud is of special interest, you can learn more about the topic on another upcoming webcast we will host on January 25th webcast. You can register for the event here. Here is an embedded copy of the slides.  In addition, there were a few audience questions during todays webcast and I have captured the answers below. 

Od webcast-cloud-fraud final
padding-right: 0px; padding-bottom: 12px; padding-left: 0px; "> View more presentations from OracleIDM

Q: Thinking of fraud and Identity Management - how can Identity help address this ?

A:  In addition to our adaptive access offering which Gail spoke of, there are other things organizations should look at. Organizations should look at Oracle Identity Analytics to provide review of access rights to prevent and detect access that is inappropriate. In addition, organizations should look at automated provisioning to help automatically remediate access violations that are detected.

Q: What cloud based applications does Oracle support today.

A: Today we have connectors that support the big brands: Google, Salesforce, Facebook etc. and we provide the ability to extend our connectors to support OAUTH enabled and standards based access via cloud providers.  Oracle On-demand today deploys the Oracle connectors in house and has the expertise to setup and manage these connectors as well.

Q: How is Oracle's cloud services different or more secure compared toother providers ?

A: Oracle is at the forefront of security services. We have been in the business for a number of years. Oracle as a company is security focused. We look at controls across all of the technologies and employ a consistent operational discipline aligned with the ISO framework. We have been PCI compliant for a long time and we process for the federal government.  This provides the highest level of security assurance. 

If you are feeling frustrated with getting access to your cloud applications, you will probably relate to the video below.

Wednesday Jan 04, 2012

A Case Study in Building a Secure Cloud with Identity Management

Security is the number one barrier to cloud adoption. Organizations that move applications into the cloud have to bridge the security gap between the enterprise and the cloud by providing user administration, application authorization, authentication and compliance reporting to restore control and address regulatory mandates. 

Identity Management can bridge this security gap across various cloud deployment scenarios. With directory services, organizations can synchronize identities stored in multiple different places. 

With Access Management, enterprises can enable users to use a single log in to securely access various applications regardless of whether they are on-premise or in the cloud. Authorization policies can restrict access to sensitive information based on the roles and entitlements of users. Password policy management can be used to enforce strong password policies and be compliant with regulations.

With Identity Administration, enterprises can simplify the management of user and role lifecycles. Identity analytics can help address the stern challenges of complex regulations.

Adaptive Access solutions help detect and prevent fraud in real-time. Adaptive Access solutions can be used to layer additional authentication security on top of existing authentication schemes for sensitive applicatons.

SaskTel has successfully overcome the cloud security barrier by utilizing Oracle Identity Management to restore control and governance in the cloud environment. Join us for a live webcast on Jan 25 to listen to how SaskTel accomplished this. In this webcast, SaskTel Chief Technology Officer Brian Baird will discuss how SaskTel created a foundation for cloud applications to secure user access and restore audit visibility to reduce the adoption barrier. We will also discuss the architecture needed for Identity Management in the cloud, and how organizations can get started.

Register here for this webcast.

Thursday Nov 03, 2011

2011 Innovation Award Winners - Identity Management

The winners of 2011 Innovation Awards were announced last month during Oracle OpenWorld. The Award recognizes customers for achieving significant business value through innovative uses of Oracle Fusion Middleware.  For Identity Management, that meant deriving and proving exceptional business value, delivering architecture innovation, solving unique challenges and driving industry leadership. With over 20 nominations this year, the panelists had a difficult task ahead of them. One thing was certain though, the winners would be great examples of excepetional use of cutting-edge Identity Management solutions.

This year's winners demonstrated new ways of leveraging cloud and social environments to enhance customer interaction and service levels as well as building business intelligence from IT data to empower business and support management decisions. We congratulate the winners of 2011 Innovation Awards for Identity Management:

ING North America Insurance

Looking to streamline the access certification processes for in-time compliance and manage the complexity of user identity administration, ING North America Insurance implemented Oracle Identity Analytics and Oracle Identity Manager. A combination of detailed planning, close collaboration with Oracle and its implementation partner, and the use of advanced industry solutions allowed ING to achieve its compliance and governance goals. In addition, with business friendly reports and actionable insight, ING's implementation empowered business and offered greater transparency. The team was also able to clearly define, measure and present success metrics to the business.

College Board

With over 50 identity stores and multiple point solutions including some custom technologies, the organization found integrating applications and extending the identity management platform to be complex, time-consuming, costly and unscalable. The approach also left security gaps. To tackle these inefficiencies and unnecessary overhead, College Board started with the implementation of Oracle Identity and Access Management Suite Plus. Not only was the organization looking to seamlessly replace the old, non-standard custom system with a centralized, integrated, standards-based platform, College Board was also looking to leverage social media with the enterprise environment. The innovative integration with Oracle Identity Manager and Oracle Identity Federation allows the organization to reach millions of potential users via social media and offer advanced services to the users using federated login. The use of Oracle Access Manager and Oracle Directory Services enable secure authentication services for College Board's users.


A subsidiary of Turk Telecom, TTNET serves over 6.5 million subscribers across Turkey, providing high technology broadband and other value-added services (VAS). TTNET's VAS are different web applications (each with their own authentication server and user repositories) and technologies coming from 10 different partners. Providing a seamless experience to the customer, thus, became a challenge. Lack of a common authentication platform also left security gaps. With the implementation of Oracle Identity and Access Management Suite Plus, TTNET launched its "Tek Sifre" (One Password) project VAS, providing its subscriber base unified single sign-on with secure and standard authentication and user administration in the background. Now, the customers can use secure single sign-on while the company leverages a standards based user access management and identity adminsitration platform for identity management and compliance, SLA reporting.


Here is a great example of cloud-based Identity-as-a-Service implementation. The company wanted to enforce and streamline user access compliance and automate user provisioning but without having the burden to maintain the infrastructure in-house. So, leveraging Oracle Identity Manager and Oracle Identity Analytics technologies via Simeio Solution's DirectAXS offering, the company was able to achieve its compliance, security and user productivity goals. The implementation benefits included streamlined and automated user provisioning, complete with audit trails and efficient access certification with complete view of user privileges and advanced detection and remediation of ghost accounts.

For information on the winners of the Fusion Middleware Awards for 2011, visit:


Monday Oct 03, 2011

Identity Management at Oracle OpenWorld - Monday WrapUp

Oracle OpenWorld has officially kicked off in high gear. There were three highlights from today’s Identity Management activities: 

  • Identity Management Demos: If you haven’t already checked out the Identity Management demogrounds in Moscone South, don’t miss it. This year, the Oracle IDM product team has pulled out all stops to bring together one of the most exciting set of demos we have seen. The 9 Identity Management demos are all designed to prove why Oracle Identity Management is the most complete and most integrated solution in the world. Each demo validates several real world use case scenarios that need an end to end solution. And this year, there is an added bonus. If you check out all the 9 IDM demos, you can enter to win an Apple TV. 
  • Identity Management Keynote: In his general session address, Amit Jasuja - VP of Oracle Identity Management and Security Products, discussed several key identity management trends and how innovation is the key driver behind Oracle’s Identity Management momentum. One of the key industry trends over the last couple of years has been the consumerization of IT and how it has fueled some secular trends like cloud, social and mobile computing. Identity Management and security are now important than ever as workforces everywhere need anywhere anytime access. Amit’s session showcased 3 cool demos –cloud-social-mobile integration, self serve access, and privileged user access control.
  • Customer Successes: One of the best barometers of a product’s success is its customer adoption. This year Oracle is showcasing several case studies that underscore why Oracle Identity Management leads the industry. In Amit Jasuja’s keynote, the CISO of Toyota discussed how Toyota is using Oracle Identity Management to bring social networking straight to your automobile. Earlier in the day, we had ING and Kaiser discuss how they are winning with Oracle Identity Analytics. Later in the day, we had Sasktel talk about how they are leveraging Oracle Identity Management to deliver identity services in the cloud. During the next three days, you will get an opportunity to hear from several other customers who have realized the benefits of Oracle Identity Management.

For a complete listing of Identity Management demos and sessions at OpenWorld, see the Identity Management Focus On. 

Identity Management at Oracle OpenWorld Today

You can tell that this is going to be a good week. San Francisco is wearing red (and is looking good in it!). If you are in the Bay Area, you know that Oracle OpenWorld 2011 is underway. And as you make your way through the busier than usual streets around Moscone Center, if identity management and security and top of mind for you, we have your route chalked out for today:

Monday October 3, 2011

Oracle Identity Administration and Governance Customer Panel
12:30 pm - 1:30 pm
Moscone West, Room 3022

Join your Identity Management peers from Target, ING and Kaiser as they discuss successful strategies for implementing access certification, role management and user administration. Find out the challenges they were looking to solve, the implementation best practices and key metrics that can be used to measure and demonstrate project success.

Trends in Identity Management
2:00 pm - 3:00 pm
Moscone West, Room 3022

Identity management continues to be a dynamic market. Cloud computing has heightened the interest in user access security, mobile computing has changed the rules of access to information beyond the enterprise, and security compliance has made organizations rethink their roles and entitlements strategy. Join Amit Jasuja, Vice President, Oracle Identity Management as he discusses the trends in identity management and how each relates to work being done at Oracle. Amit will be joined on stage by Bently Au, CISO, Toyota, who'd be sharing the innovative use of Oracle Identity Management solutions at Toyota. You don't want to miss this session!

Identity and Access Management for Oracle Applications
3:30 pm - 4:30 pm
Moscone West, Room 3022

Have Oracle Applications in-house? Then this is a session for you! Learn how Oracle is leading the way in how security policies are handled for applications. Typically these policies would be hard-coded into applications, making it difficult to centralize security administration and enforcement. Find out how Oracle Identity Management enables organizations to externalize user and security policy data from applications for faster development, better agility, and lower integration costs. Expert from Agilent will join Oracle on stage and discuss the impact of the new approach on application lifecycle. This session will also cover Oracle Identity Management integrations with Oracle's leading ERP systems (including Oracle E-Business Suite and PeopleSoft Enterprise applications).

Identity Administration Management for the Cloud
5:00 pm - 6:00 pm
Moscone West, Room 3022

Security continues to be the main barrier in adoption of cloud despite the obvious advantages the cloud framework offers. Key to the security aspect is user access to applications in the cloud. Enterprises are now managing employees' access to cloud applications and expanding their identity administration to include users in the cloud. Cloud providers that host applications must have user provisioning as part of their infrastructure. Some cloud providers are even planning to host identity administration as a service. Whether user provisioning is on- or off-premise, remote connectivity alone is not enough to provision user access. This session discusses how a provisioning gateway that supports identity administration to a controlled set of targets can enable a provider to expose administration services without "giving up the keys to the kingdom".

So, as you can see, from applications to mobile to cloud security to the recent trends, whatever your interest in Identity Management, we have you covered. We look forward to having a good conversation with you at (and about) these sessions. Enjoy Oracle OpenWorld!


Oracle Identity Management is a complete and integrated next-generation identity management platform that provides breakthrough scalability; enables organizations to achieve rapid compliance with regulatory mandates; secures sensitive applications and data regardless of whether they are hosted on-premise or in a cloud; and reduces operational costs. Oracle Identity Management enables secure user access to resources anytime on any device.


« July 2016