Thursday Jun 11, 2009

Achieving PCI-DSS compliance with Sun Identity Suite of products ..

Are you in the Retail, Financial, Telecom industries? Do you have a system which involves payment via credit cards? PCI Data Security Standard (PCI DSS) is a a standard which is - "The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data." . There is a deadline to be PCI-DSS compliant, and its approaching fast ..

Sun Identity suite of products - Sun Identity Manager, Sun Role Manager, Sun Compliance Manager and Sun OpenSSO can help in meeting several of the requirements, to achieve compliance. A webinar is being organized, which will touch upon these aspects, and offer details on how Sun Identity suite helps. Please register at to attend this webinar, on Wednesday, June 17, 2009 at 10:00 am PDT / 1:00 pm EDT / 17:00 GMT/UTC and 10.30 PM Indian Standard time .

Thursday Jun 04, 2009

Passed - Sun Certified Integrator for Identity Manager Exam

Passed the Sun Certified Integrator for Identity Manager exam this morning. Whew, what a relief. Did some amount of preparation for the last three days, thanks to a lot of prodding and guidance from my friend at Sun Learning, Rajesh. Thanks Rajesh

As explained in the exam objectives, there is stuff from SPML, General IDM architecture, Where IDM fits in, XPRESS language questions using snippets of code, Reconciliation etc etc. Most of the stuff is covered in the IDM-345 class, but I had not done this course. I had done a very old course called IDM-2535 or something like that, five years back ;-)

Finally, why did I do it? Well, I have been working in different areas of Sun Identity Manager since 2005, but had never gotten a chance to validate, what I knew, and if I had covered all the areas of Sun IDM. An exam, I believe, is the best way to validate your breadth of knowledge. Of course, the certifications are no substitute for real world experience, but atleast you can trust that a "certified" person knows the basics ;-)

Wednesday Mar 11, 2009

Sun - Deloitte Compliance road show

Sun and Deloitte are organizing a roadshow at Delhi and Mumbai on Identity compliance. The details of the roadshow are:

Achieving Compliance and Efficiency - through Identity & Access Audits

The recent proliferation of Fraud, Regulatory and Compliance requirements have increased the cost of compliance, created audit fatigue, and taken valuable cycles away from risk management, compliance, information technology & lines of businesses.

Every organization faces the need to have defined, effective and efficient processes to manage against Fraudulent or Unauthorized Access to their critical business assets and information, by • Granting Right Access to Right People “in-time” • Changing Access “in-time” when users exit the organization, or change role & responsibilities • Performing periodic review of ‘Who has access to what’ • Performing periodic review of Segregation of Duties

To address these needs, Deloitte and Sun have developed a business aligned approach and methodology, which integrates leading Identity and Access Management practices with industry leading IAM technology. Our solution will enhance the quality, automation and efficiency of your access audit, compliance and attestation processes.

We are pleased to invite you to an exclusive invitation only event in which we will present our Point-of-View on how you can Manage Access and meet your Audit & Compliance requirements and secure your critical business assets and information.

Venue Delhi : Hyatt Regency
Date: 17th March 2009
Time: 6:00 pm - 8:30 pm (Followed by cocktail & dinner)

Venue: Mumbai Hyatt Regency Date: 19th March 2009
Time: 6:00 pm - 8:30 pm (Followed by cocktail & dinner)

If you would like to attend, and you are at a fairly high level in the org hierarchy to influence decisions ;-), please drop in a email at mani-dot-chandra-at-sun-dot-com.

Sunday Feb 15, 2009

"Genpact Enhances Security, Compliance with IDM" - One of Sun's Identity Manager customers in India

From ( :

Sun Identity Manager provides Genpact with role- and rules-based provisioning of policies for users, organizations, resources, roles, or services, which ensures that its security requirements are automatically enforced.

In addition, the Sun solution helps provide Genpact with the ability to easily review the status of access services at any time, which both improves audit performance and helps achieve compliance with governmental mandates. "Sun Java System Identity Manager gives us an exceptional platform for managing identity profiles and permissions, which enhances our overall enterprise security while allowing us to reduce operation costs," said Tom Sheffield, manager, identity & access management at Genpact.

"Sun's Identity Management solution greatly reduces the time it takes to get users up and running productively, change user access privileges and to instantly and securely revoke accounts when their relationship with our company ends." Over the next 2 years, all IT access authorizations for the Genpact global workforce as well as 1700 contractors and partners, located across India, Mexico, US, Hungary, Romania and China, will be integrated into the system, which utilizes identity management technology provided by Sun Microsystems.

Read the complete story at

Tuesday Feb 03, 2009

Passed CISA

Whew !! I had taken the CISA(Certified Information Systems Auditor) exam from ISACA in Dec 2008. Finally after a long eight weeks, got an email this morning, that I have PASSED the exam. Wow, this was a tough and long exam, and requires some time to prepare for the exam. I used the CISA review manual, attended a two day refresher course conducted by ISACA Bangalore and did some mock exams (during the last few hours) to prepare for the exam. I am happy, the efforts turned out to be worthwhile.

Friday Jan 30, 2009

Buzz about Identity in the Indian media ......

In CXOToday : Sun Reinvents Identity Management Business - By Sonal Desai - Mumbai, Jan 28, 2009 1108 hrs IST

With the rising usage of identity and Web-based services in the last few years, Sun Microsystems is reinventing its identity management business to efficiently protect user administration, authorization, and authentication.

The new thrust on IM is because the network is ushering in a new era of business growth and opportunity. People are using network communications to interact and collaborate in ways that were impossible a few years ago. These new capabilities have quickly created new expectations for today's enterprise," said Manish Malhotra, director (software) of Sun Microsystems India ..". More at at

In ChannelTimes : Sun Microsystems to Appoint Partners for IM Biz By Sonal Desai Mumbai, Jan 30, 2009 1548 hrs IST

Sun Microsystems India that recently announced strategy to reinvent its Identity Management (IM) business is planning to add more value-added partners for the same. The IM solutions will be rolled out across India, and the company will initially target the telecom, BFSI, GEH, retail and manufacturing verticals. According to Manish Malhotra, Director (Software), Sun India, "In India, identity management, SOA and MySQL represent top areas of focus for Sun under the enhanced Sun Partner Advantage Programme with the introduction of the open access channel programme, and a set of new software specialties. The software specialties programme, which was launched in the US in November 2008, is the first such programme we have launched in India. The programme provides Sun and its partners with new ways to reach new customers, open new markets and grow their businesses.". More at at

Tuesday Dec 30, 2008

Sun Identity Manager now supports MySQL 5.0.60SP1 Enterprise Edition as a production repository!

A long pending demand from our customers and from the field, was to support MySQL as a repository in production (it was only supported in development so far) for Sun Identity Manager. This has come true with the release of the 8.0.4 patch, where MySQL 5.0.60SP1 is now supported in production. if you have a valid sunsolve account, you can download the Identity manager patch at
With this, the TCO offered by the Sun Identity Manager + MySQL combination will be very compelling and competitive.

Friday Oct 24, 2008

Sun Identity Compliance Manager released

Sun Identity Compliance Manager, a cost-effective solution for achieving identity compliance, has been launched. Sun Identity Compliance Manager was created to provide a targeted solution for addressing the compliance issues related to identity and access to systems, applications, and data that are often the leading drivers for companies purchasing Identity Management products.

How Customers Benefit
Customers can address compliance challenges head-on with features that enable them to successfully manage access and entitlements, enforce SoD, track requests, and report status.
  • Access Certification
    • Automates existing processes for certifying the access assigned to user by business managers and application owners
    • Provides a glossary that translates cryptic access permissions into business-friendly terms
    • Sends reminder notices and escalations for aging certifications
    • Policy Enforcements
      • Enables enterprise-level monitoring of access for conflicts in segregation of duties and security policy, such as role-versus-actual exceptions and terminated-users-with-active-accounts exceptions
      • Supports inter- and intra- application security policy enforcement
      • Includes a comprehensive list of best practice segregation of duties controls out of the box
      • Provides complete lifecycle management of a policy violation
      • Offers a mitigating control for violations that are not fixed
      • Enables manager sign-off to be acquired on policy violations
    • Compliance Dashboard
      • Delivers an enterprise view of certification status including outstanding reports and decisions made during a certification
      • Provides an enterprise view of policy exceptions
      • Tracks policy exceptions by type and business unit
      • Provides historical trending analysis for policy exceptions, certification decisions, and role approvals

    So, now within our Identity management suite of products, we have Sun Identity Manager, Sun Role Manager and Sun Identity Compliance manager. Where do you use what? :
    1. Identity Manager : Provides comprehensive user provisioning and identity auditing for efficiently and securely managing identity profiles and permissions across the enterprise and beyond, reducing costs and compliance risk.
    2. Role Manager : A role-based compliance solution that conducts role mining to analyze user access patterns and define roles for managing access to enterprise resources. Streamlines access control and identity compliance by engineering and managing roles.
    3. Sun Identity Compliance Manager : In situations, where you do not need the complete role management, and need only Identity Compliance and you need it quickly, you can use Sun Identity Compliance manager. The features of this product are a subset of Sun Role Manager.

Monday Jun 09, 2008

Sun Identity Manager 8 released

A landmark event, Sun Identity Manager has been released. The following are the features (as given in the download link):

Sun Identity Manager 8.0 offers expanded Role support, enhanced reporting capabilities, and updated resource adapter support. This update improves upon the industry-leading Identity Manager 7.1 solution with:

# Role Enhancements

  • Role life cycle management allows approvals on Role creates, edits and deletes, and role changes can be applied to all assigned Users.
  • User-to-Role life cycle management improvements support future and temporary Role assignments.
  • Default Role types include Business Roles, IT Roles, Applications, and Assets.
  • Business Roles can contain required, conditional, and optional roles that allow fine tuning of access within the scope of a Business Role.

# Enhanced Reporting with Data Exporter
  • Identity Manager operational data can be available to other processes and applications.
  • Data within Identity Manager can be exported to a customer-managed data warehouse or third-party business intelligence and reporting tool.
  • Exported data can answer historical questions regarding 'Who had access to a system, and who approved that access?'. It can also show operational behavior over time, such as 'Provision Operations by Resource' and 'Workflow Approval Response Times'.

# Supported Resource Additions and Updates
  • Microsoft Exchange 2007 (New)
  • Microsoft Active Directory Application Mode (ADAM) (New)
  • RSA SecurID 6.1.2 (Updated)
  • Siebel CRM 8.0 (Updated)
  • Oracle E-Business Suite on Oracle Applications 12 (Updated)
  • HP OpenVMS 8.3 (Updated)

# Bug Fixes and Platform Support Updates
For more information about this release, see the Identity Manager 8.0 Release Notes or the Identity Manager documentation set.

General Availability (GA) is scheduled for July 14th. The localized files and documents will be available at that time. Please download and start using it today. Documentation is available at .

Ramblings of a Sun engineer based in Bangalore, India. Strictly my own views and not my employer's.


« July 2016