Cloud Security Perspectives and Insights

  • July 14, 2017

Leverage, Extend, Innovate: A journey to managing identities in the cloud

One of the early adopters of our Identity Cloud Service is a leading telecom provider in Asia-Pacific, operating the largest mobile, fixed line and broadband networks in their country. They made significant investments in Digital Transformation during 2016 to improve the productivity of their employees and to deliver new services to their customers.  One of their key business drivers to pursue Digital Transformation was to bring new apps to market faster while ensuring that employees and external users have secure, role-based access to these applications.

Editor's Note: Check out the blog below by Sanjay Sadarangani, Principal Product Manager for the Identity Cloud Service, about how Oracle enabled this customer for success in their Digital Transformation. 

Over the past several years, this customer had procured a large number of SaaS and on-premises business applications. Most of these applications had already been integrated with Single Sign On (SSO) with their existing Oracle Identity and Access Management (IAM) deployment. But they had several applications which were disconnected from their central IAM system and were being managed as silos, often by individual lines of businesses (LOB). Some of these applications could not be integrated with their IAM as either they did not provide standard interfaces for SSO, or the respective LOB did not have the time or budget to SSO-enable these applications. The result was that users of these disconnected and silo’ed applications were being forced to manage multiple sets of credentials.

This is a fairly typical conundrum that we find several customers in, after years of procurement of disparate SaaS applications from different vendors. Oracle’s Identity Cloud Service helped this customer overcome these challenges and implement centralized SSO and provisioning to all their applications. 

The implemented solution enabled:

  • Users to authenticate to cloud applications using their passwords stored in on-premises Oracle IAM. No more silos, and no more managing multiple sets of username-password pairs! 
  • Administrators to enable real time synchronization of users between on-premises AD and Identity Cloud Service without any manual intervention. Password reset support costs have dropped by over 70% since deployment. 
  • Admins to deploy new applications rapidly by choosing from a large set of pre-built application SSO integrations using SAML or Secure Form Fill. The LOB’s love IT now since they now roll out new apps much faster than ever before!

The speed and simplicity with which they could extend their on-premises IAM to a cloud platform and enable SSO for all their cloud applications was the key factor in selecting Oracle's Identity Cloud Service. 

What’s Next?

After starting with leveraging their on-premises IAM to extend identities to the cloud, the customer is now focused on innovating with additional capabilities to further strengthen the security of their applications and further reduce their operational costs. In the fairly near term, they plan to:  

  • Enable risk-based access policies to certain SaaS applications that contain sensitive corporate data.
  • Migrate access management of on-premises applications such as Oracle EBS and PeopleSoft to the cloud as well.

About the Author: Sanjay Sadarangani is an experienced Security professional who has over a decade of experience across identity management, access management directory service, mobile security and database security. In his current role he is responsible for driving Oracle's Multi-factor and Access Management strategy.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.