X

@OracleIMC Partner Resources & Training: Discover your Modernization options + Reach new potential through Innovation

Oracle Identity Cloud Service enabling legal and compliance requirements

Mihai Dragomir
EMEA A&C Cloud Adoption & Implementation Consultant

Context of identity and cloud access controls

An intelligent Security Operations Center (SOC) needs threat intelligence and contextual awareness but, first of all, it needs to have the context of identity.   
The concept of Security Operations Center (SOC), introduced by Gartner, can be defined both as a team, often operating in shifts around the clock, and a facility dedicated to and organized to prevent, detect, assess and respond to cybersecurity threats and incidents, and to fulfill and assess regulatory compliance.

Centralized identity-as-a-service allows SOC managers to centralize and normalize user activities. Oracle Identity Cloud Service (IDCS) enables them to manage and govern identities for applications that are on-premise and in the cloud, to streamline the process of accepting trusted identities and to audit which users can access which resources at which times.  

As cloud has become a primary context for business services, SOC managers also need comprehensive visibility into compliant use of cloud services, even across multiple cloud providers.  

Oracle Identity-based Security Operations Center (SOC) is a cloud-based, context-aware, intelligent automation platform
designed to detect and respond to advanced threats and persistent attacks as well as establish a feedback loop for adaptation
and evolution. This means it can better protect users, applications, APIs, content, and workloads.

With the release from December 2018, Oracle Identity Cloud Service has introduced the Terms of Use feature.

Terms of Use allows organizations to easily configure customized disclaimers and acceptable use policies for users on an application basis. Also collect consent from users before allowing them access to their applications.

The Terms of Use are the rules that one must agree to abide in order to access an application.

The Terms of Use feature in Oracle Identity Cloud Service helps customer to set the terms and conditions for the users to access an application, based on the user's consent. This feature allows the identity domain administrator to set relevant disclaimers for legal or compliance requirements and enforce the terms by refusing the service.

When the user logs in for the first time, the relevant disclaimers for legal or compliance requirements are displayed. The user has the option of either accepting or denying his consent for accessing that particular application based on the content of the disclaimer. If the user does not provide his consent by accepting the Terms of Use, he will not be allowed to access that particular application.

Oracle IDCS Terms of use capabilities:

 

  • Require employees or guests to agree to your Terms of use before getting access.
  • Present general Terms of use for all users in your organization.
  • Present specific Terms of use when accessing high business impact applications, like Fusion HCM or Oracle Support.
  • Present Terms of use in different languages.
  • Assist in meeting legal, compliance and privacy regulations.

 

For a complete overview of Terms of Use policies and management capabilities, please refer to the following article:
https://docs.oracle.com/en/cloud/paas/identity-cloud/uaids/manage-terms-use.html

You create a Terms of Use that you can map it to an application or to multiple applications. When a user tries to access a particular application, the Terms of Use mapped to that application is presented to the user. When the user accepts the terms of use and provides his consent, he is allowed to access that application.  
For a demo, alongside other Sign on policies use-cases, please refer to the following webcast:
https://blogs.oracle.com/imc/partner-webcast-conditional-and-adaptive-access-on-oracle-identity-cloud-service  

 

Find out more at:  
https://www.oracle.com/cloud/security

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.