Monday Feb 21, 2011
Friday Feb 18, 2011
By nwooler on Feb 18, 2011
A great leap forward for security and the cloud. Google announced last week that they will support two factor authentication within there very popular Gmail application. I have used Gmail for years and have enjoyed how it has provided innovation within a very important aspect of communication. However, security has been a secondary consideration within the innovation life-cycle. They were one of the first to institute security questions but this is not enough these days. Especially after high-profile people have had email accounts hacked with similar security features (e.g. Sarah Palin).
So here is the way that it works. Go to this page on Google's help site and they will walk you through the options. What is great about the way they have implemented the system is that no matter what your phone situation they have you covered. So, even those with a simple land-line to the house can benefit from the increased security. The real question is whether the users will take security seriously enough to take the 5 minutes to configure.
Google has been more committed than most to the importance of security. I encourage you all to read their philosophy on security. You can read more about their philosophy here.
Friday Oct 01, 2010
By nwooler on Oct 01, 2010
I am finally caught up after a great week last week at Oracle Open World. And it was just in time to read about this great bit of international crime fighting bringing an end to an international cyber-crime ring using the Zeus Trojan to steal allegedly $70M. Details are still coming out but according to this article by The Register the crime ring was able to deploy Zeus and key-log individuals bank accounts and then use "money mules" to access the accounts and make withdrawls illegally. One thing is for sure you have to admire the naming capabilities of the team which came up with "Operation Trident Beach" which shows marketing doesn't have a monopoly on naming talent. Here is a quick paragraph taken from The Register article (full text here):
Trident Beach began in May 2009, when FBI agents in Omaha, Nebraska learned of automated clearing house batch payments to 46 separate bank accounts throughout the US. Agents eventually brought in counterparts from the other involved countries. The payments are a hallmark of Zeus scams, in which hackers break into victim bank accounts and then clean them out using the bank's ACH transfer system.
The thieves targeted small- to medium-sized companies, municipalities, churches, and individuals.
I was talking with Mark Karlstrand, the Product Manager for Oracle Adaptive Access Manager, and he mentioned that the product has two critical features that would have prevented this from happening. According to Mark: "The KeyPad virtual authentication device could have prevented the password theft via key-logger. The use of the passwords from Eastern Europe and other behavior anomalies could have been detected by OAAM real-time risk analytics." As more details come out about the cyber-crime ring and Zeus we will bring you details.
Friday Sep 24, 2010
By nwooler on Sep 24, 2010
I had a great time this week at Oracle Open World. It is quite a show with over 47K attendees spread over 4 city blocks with great sessions and conversations about Identity Management and many other cutting edge technologies. I am definitely in powerpoint overload and would be happy not to see another slide for awhile but the information was great! We have collected some of the photos from the sessions up on our Facebook page here. Here is just one of the pictures from the concert on Treasure Island with the Black Eyed Peas, The Steve Miller Band and Don Henley. It was a great concert.
The presentations were all taped and should be up on the website shortly. Stay tuned for more information as it becomes available. If you followed us on Twitter, please let us know what you think by sending us messages.
The Verizon presentation on Directory Server Enterprise Edition and using Fracational Replication was a highlight for me. It should have been scheduled earlier in the week so that more people could have attended. Verizon has one of the largest directory deployments in the world with 40+ million identities and many partners and LOB's using it as their repository. The Verizon deployment is also a great example of using Fractional Replication to empower LOB's with their own identity repository but allowing the central team to maintain the control over the data. Verizon is also a great example of using SSO to reduce cost and maintain a great User Experience across many different portals. Madhu, thanks for sharing such great information with the identity management community. I will post the presentation once it is available on the website.
Thursday Sep 23, 2010
By nwooler on Sep 23, 2010
Hope you enjoyed the Black Eyed Peas last night. We have an action packed IDM session on Thursday to finish up the show. Here is a quick run down of the sessions. Etienne and I will be introducing Verizon as we talk about how Replication and Fractional Replication are critical features in a high performance Directory Server deployment.
· Follow us on Twitter @OracleIDM. Use hash tags #oow10idm
|9:00 am – 10:00 am
||Middleware s317487 End-t-End Secure Identity Propagation||Moscone South Rm 310|
|| Middleware, Applications s316524 Oracle Idenity Management for
Oracle JD Edwards EntrpriseOne
Moscone South Rm 309
|10:30 am – 11:30 am||Middleware s316991 Database User Management wit Oracle Directry
Services and Actve Directry
|Moscone South Rm 310|
||Middleware s316837 Deploy a Highly Performant Entitlements Solution
wit Oracle Entitlements Server
|Moscone South Rm 309|
||Middleware s317270 Service-Oriented Security: Simplifing Identity
Management for Applications
| Moscone West L3, Rm
|12:00 pm – 1:00 pm
||Middleware s316829 Demystfing IdM: A Custmer’s Guide to a
Practical IdM Deployment Strategy
| Moscone South, Rm 309
|1:30 pm – 2:30 pm
||Middleware S315086 Replication Best Approaches on Directory Server -
| Moscone South Rm 309
||Middleware S316829 Demystifing IdM: A Customer’s Guide t a
Practical IdM Deployment Stategy
|3:00pm – 4:00pm
||Middleware s314871 Oracle Identity Manager and Oracle BPEL Tools
for Digital Identity Management
|3:00pm – 4:00pm
||Middleware s314871 Oracle Identity Manager and Oracle BPEL Tools
for Digital Identity Management
Moscone Sout Rm 309
|3:30 pm – 4:30 pm||Middleware/Oracle Develop S317543 Service Orientd Security 101||Hotel Nikko Mendocino I / II|
Tuesday Sep 21, 2010
By nwooler on Sep 21, 2010
Oracle Open World is off to a great start with plenty of good content and demo's for the business owner or technical implementation team. Yesterday I saw two great demos from the OAM team. Mark Karlstrand, pictured to the right was giving a demo on OTP Anywhere to Bob Blakeley. It was impressive as he used his cell phone to provide a stronger authentication method for a bank transfer -demo not real but you get the point.
There are a couple of ways to follow what is going on during the show.
You can follow us on Twitter by using the hash tags #oow10 #idm or follow us directly @OracleIDM.
We also are uploading pictures and video's from the day at our Facebook page at Facebook/OracleIDM here.
Here are the sessions for Tuesday, Sept. 21 at Oracle Open World
|12:30 pm – 1:30 pm||Middleware s317146 Securing Web Services: Solutions, Best Practices,||Moscone South Rm 309|
|2:00 pm – 3:00 pm
||Middleware s317467 Simplify Identity Management and Support Future Growth with Directory Services
||Moscone South Rm 309|
|3:30 pm – 4:30 pm
||Middleware s317064 Oracle Identity Management Administration Best Practices
||Moscone South Rm 309
|3:30 pm – 4:30 pm
||Middleware s317240 Oracle’s Identity Management Strategy (for Sun, Oracle and New Customers Alike)
||Moscone South Rm 310|
|5:00 pm – 6:00 pm
||Middleware s317484 Case Study: How Cisco Achieved Large-Scale, Highly Available Access Management
||Moscone South Rm 310|
|5:00 pm – 6:00 pm
||Middleware s317244 Enforcing Segregation-of-Duties Controls with Identity Management
||Moscone South Rm 309|
Growth with Directory Services
3:30 pm – 4:30 pm Middleware s317064 Oracle Identity Management Administration Best Moscone South Rm 309
Middleware s317240 Oracle’s Identity Management Strategy (for Sun, Moscone South Rm 310
Oracle and New Customers Alike)
Middleware s317484 Case Study: How Cisco Achieved Large-Scale, Highly Moscone South, Rm 310
Available Access Management
Middleware s317244 Enforcing Segregation-of-Duties Controls with Identity Moscone South Rm 309
Friday Sep 10, 2010
By nwooler on Sep 10, 2010
Oracle Open World is fast approaching and the time to register is NOW so you don't miss out. This year the show is going to be a blast. I have heard rumors about the band that will be performing one night but you know what they say about rumors. More importantly, the IDM team have a lot of new things to talk about at this years show. First, we released 11g this summer which included exciting new approaches like Service Oriented Security, better user experience and new features for:
- Oracle Identity Manager
- Oracle Access Manager
- Oracle Adaptive Access Manager
- Oracle Identity Analytics
If you want a comprehensive list of all the sessions so you can follow along. Please visit the Focus On Identity Management document located here. Also, we have five don't miss sessions which you need to attend. Here are the dates and times. Or, you can find them on our Facebook page here.
| Date & Time
|| Title of Presentation
|Mon 11am||Oracle Identity Management 11g Overview||Moscone South 309|
|Tue 2pm|| Simplify IDM with Directory Services –
||Moscone South 309
|Tues 3:30pm|| Oracle’s IDM Strategy (for Sun, Oracle Customers Alike)
||Moscone South 310|
|Wed 1pm|| Building a Strong Foundation for Your Cloud with IDM
||Moscone South 309|
|Wed 4:45pm|| Complete Identity & Access Governance with OIA 11g
||Moscone South 309|
|Tues 5pm||How Cisco Achieved Large-Scale, Highly Available Access Management||Moscone South 310
The last time the Identity Management team was all together a few photo's were taken and I have included one from that fun event at Burton Catalyst. Hope you will be able to join us!
Tuesday Aug 17, 2010
By nwooler on Aug 17, 2010
Identity compliance projects don't have to be hard! The key to any successful project in IT is delivering value to the business quickly! It is critical to then leverage those early wins into larger wins for the organization. When I used to coach I likened this to walking up a staircase. McKinsey used the analogy to describe the approach successful companies took to manage successful growth. (take a look here)
Oracle Identity Analytics provides a set of tools that can help organizations take the first step up that staircase to Compliance quickly. The approach allows organizations to show value quickly and then build upon those early wins to build better security into the organization. This webcast tomorrow will give insight into how organizations can build in proper segregation of duties, 360 degree review's and proper attestation of roles. One customer of the product used to print out a conference room of paper and had his compliance auditors and business managers review the roles and access rights to meet compliance. Imagine if you had the tools to ensure you could make this process easier. Register today and find out how.
Register Today Here:
|Customer Stories: Tackling Compliance Challenges with Oracle Identity Analytics|
Date: Wednesday, August 18, 2010
Wednesday Aug 11, 2010
By nwooler on Aug 11, 2010
Strategic New Release of Oracle Directory Services Directory Server Enterprise Edition 11gR1
I would like to pass on some good news from the Oracle Directory Services Blog here: The following is a reprint of their recent good news concerning Oracle Directory Server Enterprise Edition: (Download Instructions from Brad Diggs aka The Zone Manager here)
Oracle released a new version of Oracle Directory Server Enterprise Edition 7.0, ODSEE 11g Release 1 recently. The strategic commitment to Sun's Directory Server Enterprise Edition is important for customers who wish to grow the foundation of their identity infrastructure faster and easier. The new release offers improvement in performance over previous releases allowing companies to accelerate their applications while reducing their total cost of ownership. With this new release, companies can also reduce cost by improving serviceability with faster import times and smooth, in-place upgrade that reuses your existing data store. This complete solution provides a directory server, proxy server (for high availability and distribution of data and load), web console and synchronization with Active Directory, all under one product (ODSEE) and licensed as part of Oracle Directory Services Plus.
ODSEE 11gR1 is a rebranded release of Sun Directory Server Enterprise Edition 7.0 and is equivalent to a patch release. It does not include new functionality but provides additional stability and security with the inclusion of many fixes that where previously released as patches and hot fixes.
This release also aligns the list of supported platforms with most other Oracle Fusion Middleware products. For details of the changes to supported platforms, see Platform Support, System Virtualization Support, and Operating System Requirements.
As part of the integration with other Oracle Fusion Middleware components:
You can configure an Oracle Virtual Directory LDAP adaptor to work with ODSEE 11gR1. For more information, see “LDAP Adapter Templates” in the Administrator's Guide for Oracle Virtual Directory.
ODSEE 11g Release 1 can also be synchronized with other directory servers by using the Oracle Directory Integration Platform. For more information see “Configuring Directory Synchronization” in the Administrator's Guide for Oracle Directory Integration Platform.
This updated release
improves the overall quality and robustness of deployments. Among other features and capabilities , by upgrading from DSEE 5.2 or 6.x you might benefit from:
Up to 300% performance improvement
In place upgrade from DSEE 6 and 7 (no need to export/import existing data)
Reduced disk space and memory footprint
Optional data compression
Instant restore capabilities
Advanced tuning capabilities
Improved control over traffic going through Directory Proxy Server
New distribution algorithm with Directory Proxy Server
Updated list of supported Operating Systems, IP v6 supported on all platforms
Directory Service Control Center supported on broader list of application servers
For more information please visit:
Tuesday Jul 20, 2010
By nwooler on Jul 20, 2010
Date: Wednesday, July 21, 2010
Time: 10:00 a.m. PT / 1:00 p.m. ET
Wednesday Jul 14, 2010
Tuesday Jul 13, 2010
By nwooler on Jul 13, 2010
The Identity Management market is evolving and it is an exciting place to be involved in shaping that evolution. For some that evolution is an opportunity for others it is a headache. At Oracle we see this as a great opportunity.
When I started in the Identity Management field it is wasn't even called identity management it was about solving high availability problems for customer and partner extranets before personalization and portal solutions existed. LDAP was a great solution for these problems and Netscape and then Sun Directory Server were the industry best solutions. They still are today. However, in this space alone there has been considerable evolution. Virtual directories, directory proxies, Active Directory Synchronization are all essential components of best of breed directory server product's. Oracle Directory Services Plus is a good example.
The fuel behind this tremendous evolution is the business environment in which these solutions exist. There is no magic in figuring out these key business trends. Organizations face increased threats from global security risks internally and externally.
You had to bury your head in the sand to not notice the fact that these threats have landed some of the greatest IT organizations and governments in prime-time analysis on CNN or on the front page of the major news portals. The global economic slowdown has caused business to seek better value from the products they have already purchased. Increased government scrutiny and regulation has fueled compliance projects and organizations to ensure business and IT audits can be signed off by the CTO and CFO of major organizations. And, the CTO and CFO don't want surprises so they have funded projects and purchased solutions to ensure they stay in compliance ---No Surprises!
At Oracle, meeting these challenging problems with innovation is the name of the game. At the same time, we strive to provide the most complete solutions based on standards for our customers. This is why we are excited about our event next week. At this webinar we are taking a "Giant Leap Forward In Identity Management". Amit Jasuja, Vice President of Identity Management and Security at Oracle, will be sharing the latest news from Oracle on why we believe we are uniquely positioned to solve these business problems for the best organizations on the planet. Register Today for this exciting event.
Wednesday, July 21, 2010
10:00am PDT, 1:00 EDT, 7:00pm CET
Thursday Jun 10, 2010
By nwooler on Jun 10, 2010
Is your Identity Compliance project a GIANT Headache? If so, then we have the little blue pill for your compliance headache. The reason why many organizations experience pain in the compliance programs they run is because of the lack of automated tools, impact to productivity and lack of ongoing actionable information. I have seen this first hand. Organizations usually rely upon project managers and excel spreadsheets collect information from business units and project teams. This then leads to massive efforts to fill in information and send them back to the central team for documentation and reporting to the auditors. Ultimately, this information is old before it is collated into the binders and the report is issued. However, the real result is usually a GIANT HEADACHE for everyone involved.
As Identity theft outpaces any other theft and security challenges for organizations, the problem needs a more efficient solution with better processes and better tools. Business leaders will believe in investment when they can see better utilization of key resources, better on-going information, proven segregation of duties, and ultimately better security.
Niel Gandhi, has the "Advil" for your compliance headache with Oracle Identity Analytics. Register here for the FREE webinar on the ROI of using Identity Analytics. He is has years of experience solving these problems for organizations around the world. Additionally, he has extensive experience as Principal Product Manager, Identity Analytics. Here are a couple of the topics that he will cover in the event:
- Automate critical identity-based controls such as attestation and segregation of duties
- Analyze, mine, and correlate user roles for compliant and efficient user access
- Build comprehensive reports for audit, compliance, and business purposes
- Utilize business-friendly compliance dashboards and metrics
- Give a 360-degree view of user’s access and achieve rapid compliance
However, the ultimate goal of his presentation is to make sure you have concrete ways to help you solve your Compliance Headache without breaking the bank. Hope to see you there!
|Live Webcast: Maximize Compliance ROI With Oracle Identity Analytics|
Date: Thursday, June 24, 2010
Thursday Apr 29, 2010
Register Today for this Webinar! Improve Time-to-Market and Reduce Cost with Oracle Directory Services
By nwooler on Apr 29, 2010
In some studies, enterprises are spending up to 60% of their IT budgets on operational costs thus impacting the available budget to spend on innovation. The challenge we all face in the identity and IT departments is how to get the most out of our existing licenses and reduce cost where possible in delivering IT projects. One of the costly areas of projects is getting at identity data when it lives in legacy applications. This is especially true when you look at Federation projects, mergers and acquisitions or in data center consolidation projects.
If you are running a Federation project and have to access identity data in legacy or disparate data sources and feel like you are herding cats then this webcast is for you! Virtual directories provide a critical tool for Federation projects as they allow you to expose identity attributes without changing code in legacy applications. Additionally, you have control over how the data is accessed allowing you to manage sensitive service level agreements which can cause difficult political battles in organizations when discussing access.
If you have worked on a data center consolidation project either driven by a merger, acquisition or as part of a cost control exercise you need to have a full bag of tools. The tools you bring to the project provide the critical agility needed to meet time-lines but also to minimize impact on business operations. Virtual Directories allow you the ability to connect to data sources without having to alter the application code. This reduces resource requirements, increases speed but most importantly maximizes business continuity.
Register here for this webinar and we will look at ways virtual directories can help you become an identity hero in your organization.
Friday Apr 23, 2010
Sharing 12 years of technology experience as developer, product and program manager, and marketing director. Identity Management, Security, and Product Management issues occupy my mind during the working day. Water Polo keeps me healthy.
- Register Today for Free Webinar: Oracle Security Online Forum Feb. 24
- Cloud Security Grows Up! Gmail & Two Factor Authentication
- Security Breech at University Leads to Questions About Fraud Prevention
- Security: Zeus brought down by Operation Trident Beach
- Day 5: Open World Wrap-up
- Day 4: IDM at Oracle Open World
- Day 2: IDM at Oracle Open World
- IDM at Oracle Open World
- Free Webinar Today: Simplify Access Management with F5 & Oracle
- Free Webinar: Simplifying Access Management with F5 & Oracle Aug. 26. 10:00am