Monday Feb 21, 2011

Register Today for Free Webinar: Oracle Security Online Forum Feb. 24

Oracle and Accenture are holding a new joint event focusing on security. The event will feature great line-up of speakers and sessions that will last from 9:00-1:00pm PT on Thursday, Feb. 24. The event will focus on Security topics that face the enterprise today. The event kicks-off with a keynote presentation detailing emerging security trends and where we think security is headed in the next decade. Please join us for 30 minutes or the entire day.

Key Speakers:

  • Mary Ann Davidson, Oracle’s Chief Security Officer, on industry-leading standards, technologies, and practices that ensure that Oracle products—and your entire system—remain as secure as possible.

  • Jeff Margolies, Partner, Accenture’s Security Practice—on key security trends and solutions to prepare for in 2011 and beyond.

  • Vipin Samar, Vice President of Oracle Database Security solutions—on new approaches to protecting data and database infrastructure against evolving threats.

  • Tom Kyte, Senior Technical Architect and Oracle Database Guru—on how you can safeguard your enterprise application data with Oracle’s Database Security solutions.

  • Nishant Kaushik, Chief Identity Strategist—on how organizations can look to Oracle Identity Management solutions to help them reduce fraud and streamline compliance.

Full List of Sessions: Look here for sessions tab for list

Friday Feb 18, 2011

Cloud Security Grows Up! Gmail & Two Factor Authentication

A great leap forward for security and the cloud.  Google announced last week that they will support two factor authentication within there very popular Gmail application.  I have used Gmail for years and have enjoyed how it has provided innovation within a very important aspect of communication.  However, security has been a secondary consideration within the innovation life-cycle.  They were one of the first to institute security questions but this is not enough these days.  Especially after high-profile people have had email accounts hacked with similar security features (e.g. Sarah Palin).  

So here is the way that it works.  Go to this page on Google's help site and they will walk you through the options.  What is great about the way they have implemented the system is that no matter what your phone situation they have you covered.  So, even those with a simple land-line to the house can benefit from the increased security.  The real question is whether the users will take security seriously enough to take the 5 minutes to configure.

Google has been more committed than most to the importance of security.  I encourage you all to read their philosophy on security.  You can read more about their philosophy here.

Friday Oct 01, 2010

Security: Zeus brought down by Operation Trident Beach

I am finally caught up after a great week last week at Oracle Open World.  And it was just in time to read about this great bit of international crime fighting bringing an end to an international cyber-crime ring using the Zeus Trojan to steal allegedly $70M.  Details are still coming out but according to this article by The Register the crime ring was able to deploy Zeus and key-log individuals bank accounts and then use "money mules" to access the accounts and make withdrawls illegally.  One thing is for sure you have to admire the naming capabilities of the team which came up with "Operation Trident Beach" which shows marketing doesn't have a monopoly on naming talent.  Here is a quick paragraph taken from The Register article (full text here): 

Trident Beach began in May 2009, when FBI agents in Omaha, Nebraska learned of automated clearing house batch payments to 46 separate bank accounts throughout the US. Agents eventually brought in counterparts from the other involved countries. The payments are a hallmark of Zeus scams, in which hackers break into victim bank accounts and then clean them out using the bank's ACH transfer system.

The thieves targeted small- to medium-sized companies, municipalities, churches, and individuals.

 I was talking with Mark Karlstrand, the Product Manager for Oracle Adaptive Access Manager, and he mentioned that the product has two critical features that would have prevented this from happening.  According to Mark:  "The KeyPad virtual authentication device could have prevented the password theft via key-logger. The use of the passwords from Eastern Europe and other behavior anomalies could have been detected by OAAM real-time risk analytics."  As more details come out about the cyber-crime ring and Zeus we will bring you details. 

Friday Sep 24, 2010

Day 5: Open World Wrap-up

I had a great time this week at Oracle Open World.  It is quite a show with over 47K attendees spread over 4 city blocks with great sessions and conversations about Identity Management and many other cutting edge technologies.  I am definitely in powerpoint overload and would be happy not to see another slide for awhile but the information was great!  We have collected some of the photos from the sessions up on our Facebook page here.  Here is just one of the pictures from the concert on Treasure Island with the Black Eyed Peas, The Steve Miller Band and Don Henley.  It was a great concert.

The presentations were all taped and should be up on the website shortly.  Stay tuned for more information as it becomes available.  If you followed us on Twitter, please let us know what you think by sending us messages.

The Verizon presentation on Directory Server Enterprise Edition and using Fracational Replication was a highlight for me.  It should have been scheduled earlier in the week so that more people could have attended.  Verizon has one of the largest directory deployments in the world with 40+ million identities and many partners and LOB's using it as their repository.  The Verizon deployment is also a great example of using Fractional Replication to empower LOB's with their own identity repository but allowing the central team to maintain the control over the data.  Verizon is also a great example of using SSO to reduce cost and maintain a great User Experience across many different portals.  Madhu, thanks for sharing such great information with the identity management community.  I will post the presentation once it is available on the website.

Thursday Sep 23, 2010

Day 4: IDM at Oracle Open World

Hope you enjoyed the Black Eyed Peas last night.  We have an action packed IDM session on Thursday to finish up the show.  Here is a quick run down of the sessions.  Etienne and I will be introducing Verizon as we talk about how Replication and Fractional Replication are critical features in a high performance Directory Server deployment.


· Follow us on Twitter @OracleIDM. Use hash tags #oow10idm

 Time  Title  Location
9:00 am – 10:00 am
Middleware s317487 End-t-End Secure Identity Propagation Moscone South Rm 310

 Middleware, Applications s316524 Oracle Idenity Management for
Oracle JD Edwards EntrpriseOne

Moscone South Rm 309
10:30 am – 11:30 am Middleware s316991 Database User Management wit Oracle Directry
Services and Actve Directry
Moscone South Rm 310

Middleware s316837 Deploy a Highly Performant Entitlements Solution
wit Oracle Entitlements Server
Moscone South Rm 309

Middleware s317270 Service-Oriented Security: Simplifing Identity
Management for Applications
Moscone West L3, Rm
3018
12:00 pm – 1:00 pm
Middleware s316829 Demystfing IdM: A Custmer’s Guide to a
Practical IdM Deployment Strategy
Moscone South, Rm 309
1:30 pm – 2:30 pm
Middleware S315086 Replication Best Approaches on Directory Server -
Fractional Replication
Moscone South Rm 309

Middleware S316829 Demystifing IdM: A Customer’s Guide t a
Practical IdM Deployment Stategy

3:00pm – 4:00pm
Middleware s314871 Oracle Identity Manager and Oracle BPEL Tools
for Digital Identity Management

3:00pm – 4:00pm
Middleware s314871 Oracle Identity Manager and Oracle BPEL Tools
for Digital Identity Management
Moscone Sout Rm 309
3:30 pm – 4:30 pm Middleware/Oracle Develop S317543 Service Orientd Security 101 Hotel Nikko Mendocino I / II






Tuesday Sep 21, 2010

Day 2: IDM at Oracle Open World

Oracle Open World is off to a great start with plenty of good content and demo's for the business owner or technical implementation team.  Yesterday I saw two great demos from the OAM team.  Mark Karlstrand, pictured to the right was giving a demo on OTP Anywhere to Bob Blakeley.  It was impressive as he used his cell phone to provide a stronger authentication method for a bank transfer -demo not real but you get the point.    

There are a couple of ways to follow what is going on during the show.  

You can follow us on Twitter by using the hash tags #oow10 #idm or follow us directly @OracleIDM.  

We also are uploading pictures and video's from the day at our Facebook page at Facebook/OracleIDM here.

Here are the sessions for Tuesday, Sept. 21 at Oracle Open World

 Time  Title  Location
 12:30 pm – 1:30 pm  Middleware s317146 Securing Web Services: Solutions, Best Practices, Moscone South Rm 309
2:00 pm – 3:00 pm
Middleware s317467 Simplify Identity Management and Support Future Growth with Directory Services
Moscone South Rm 309
3:30 pm – 4:30 pm
Middleware s317064 Oracle Identity Management Administration Best Practices
Moscone South Rm 309
3:30 pm – 4:30 pm
Middleware s317240 Oracle’s Identity Management Strategy (for Sun, Oracle and New Customers Alike)
Moscone South Rm 310
5:00 pm – 6:00 pm
Middleware s317484 Case Study: How Cisco Achieved Large-Scale, Highly Available Access Management
Moscone South Rm 310
5:00 pm – 6:00 pm
Middleware s317244 Enforcing Segregation-of-Duties Controls with Identity Management
Moscone South Rm 309



                    Growth with Directory Services
3:30 pm – 4:30 pm Middleware s317064 Oracle Identity Management Administration Best Moscone South Rm 309
                    Practices
Middleware s317240 Oracle’s Identity Management Strategy (for Sun, Moscone South Rm 310
  Oracle and New Customers Alike)
Middleware s317484 Case Study: How Cisco Achieved Large-Scale, Highly Moscone South, Rm 310
Available Access Management
Middleware s317244 Enforcing Segregation-of-Duties Controls with Identity Moscone South Rm 309
Management

Friday Sep 10, 2010

IDM at Oracle Open World

Oracle Open World is fast approaching and the time to register is NOW so you don't miss out.  This year the show is going to be a blast.  I have heard rumors about the band that will be performing one night but you know what they say about rumors.  More importantly, the IDM team have a lot of new things to talk about at this years show.  First, we released 11g this summer which included exciting new approaches like Service Oriented Security, better user experience and new features for:

  • Oracle Identity Manager
  • Oracle Access Manager
  • Oracle Adaptive Access Manager
  • Oracle Identity Analytics

If you want a comprehensive list of all the sessions so you can follow along.  Please visit the Focus On Identity Management document located here.  Also, we have five don't miss sessions which you need to attend.  Here are the dates and times.  Or, you can find them on our Facebook page here.

 Date & Time
 Title of Presentation
 Location
Mon 11am Oracle Identity Management 11g Overview Moscone South 309
Tue 2pm Simplify IDM with Directory Services –
Moscone South 309
Tues  3:30pm Oracle’s IDM Strategy (for Sun, Oracle Customers Alike)
Moscone South 310
Wed 1pm Building a Strong Foundation for Your Cloud with  IDM
Moscone South 309
Wed 4:45pm Complete Identity & Access Governance with OIA 11g
Moscone South 309
Tues 5pm How Cisco Achieved Large-Scale, Highly Available Access Management Moscone South 310

The last time the Identity Management team was all together a  few photo's were taken and I have included one from that fun event at Burton Catalyst.  Hope you will be able to join us!


Tuesday Aug 17, 2010

Free Webinar Aug. 18: Quick-Start Compliance with Identity Analytics

Identity compliance projects don't have to be hard!  The key to any successful project in IT is delivering value to the business quickly!  It is critical to then leverage those early wins into larger wins for the organization.  When I used to coach I likened this to walking up a staircase.  McKinsey used the analogy to describe the approach successful companies took to manage successful growth. (take a look here)  

Oracle Identity Analytics provides a set of tools that can help organizations take the first step up that staircase to Compliance quickly.  The approach allows organizations to show value quickly and then build upon those early wins to build better security into the organization.  This webcast tomorrow will give insight into how organizations can build in proper segregation of duties, 360 degree review's and proper attestation of roles.  One customer of the product used to print out a conference room of paper and had his compliance auditors and business managers review the roles and access rights to meet compliance.  Imagine if you had the tools to ensure you could make this process easier.  Register today and find out how.

Register Today Here:

Customer Stories: Tackling Compliance Challenges with Oracle Identity Analytics

Date: Wednesday, August 18, 2010
Time: 10:00 am PT / 1:00 pm ET

Featured Speakers:

Naynesh Patel,
Partner,
Simeio Solutions

Neil Gandhi,
Principal Product Manager,
Oracle Identity Analytics,
Oracle Corporation

Wednesday Aug 11, 2010

New Release: Oracle Directory Server Enterprise Edition Strategic

Strategic New Release of Oracle Directory Services Directory Server Enterprise Edition 11gR1

I would like to pass on some good news from the Oracle Directory Services Blog here:  The following is a reprint of their recent good news concerning Oracle Directory Server Enterprise Edition: (Download Instructions from Brad Diggs aka The Zone Manager here)


Oracle released a new version of Oracle Directory Server Enterprise Edition 7.0, ODSEE 11g Release 1 recently.  The strategic commitment to Sun's Directory Server Enterprise Edition is important for customers who wish to grow the foundation of their identity infrastructure faster and easier. The new release offers improvement in performance over previous releases allowing companies to accelerate their applications while reducing their total cost of ownership. With this new release, companies can also reduce cost by improving serviceability with faster import times and smooth, in-place upgrade that reuses your existing data store. This complete solution provides a directory server, proxy server (for high availability and distribution of data and load), web console and synchronization with Active Directory, all under one product (ODSEE) and licensed as part of Oracle Directory Services Plus.

ODSEE 11gR1 is a rebranded release of Sun Directory Server Enterprise Edition 7.0 and is equivalent to a patch release. It does not include new functionality but provides additional stability and security with the inclusion of many fixes that where previously released as patches and hot fixes.

This release also aligns the list of supported platforms with most other Oracle Fusion Middleware products. For details of the changes to supported platforms, see Platform Support, System Virtualization Support, and Operating System Requirements.

As part of the integration with other Oracle Fusion Middleware components:

This updated release improves the overall quality and robustness of deployments. Among other features and capabilities , by upgrading from DSEE 5.2 or 6.x you might benefit from:

    • Up to 300% performance improvement

    • In place upgrade from DSEE 6 and 7 (no need to export/import existing data)

    • Reduced disk space and memory footprint

    • Optional data compression

    • Instant restore capabilities

    • Advanced tuning capabilities

    • Improved control over traffic going through Directory Proxy Server

    • New distribution algorithm with Directory Proxy Server

    • Updated list of supported Operating Systems, IP v6 supported on all platforms

    • Directory Service Control Center supported on broader list of application servers

    • For more information please visit:

Tuesday Jul 20, 2010

Last Chance to Register: Launch Webcast Identity Management 11g


Date: Wednesday, July 21, 2010
Time: 10:00 a.m. PT / 1:00 p.m. ET

Register here

Tuesday Jul 13, 2010

Register Today for Free Webinar: A Giant Leap In Identity Management

The Identity Management market is evolving and it is an exciting place to be involved in shaping that evolution.  For some that evolution is an opportunity for others it is a headache.  At Oracle we see this as a great opportunity. 

When I started in the Identity Management field it is wasn't even called identity management it was about solving high availability problems for customer and partner extranets before personalization and portal solutions existed.  LDAP was a great solution for these problems and Netscape and then Sun Directory Server were the industry best solutions.  They still are today.  However, in this space alone there has been considerable evolution.   Virtual directories, directory proxies, Active Directory Synchronization are all essential components of best of breed directory server product's.  Oracle Directory Services Plus is a good example.  

The fuel behind this tremendous evolution is the business environment in which these solutions exist. There is no magic in figuring out these key business trends.  Organizations face increased threats from global security risks internally and externally. 

You had to bury your head in the sand to not notice the fact that these threats have landed some of the greatest IT organizations and governments in prime-time analysis on CNN or on the front page of the major news portals.   The global economic slowdown has caused business to seek better value from the products they have already purchased.  Increased government scrutiny and regulation has fueled compliance projects and organizations to ensure business and IT audits can be signed off by the CTO and CFO of major organizations.  And, the CTO and CFO don't want surprises so they have funded projects and purchased solutions to ensure they stay in compliance ---No Surprises!

At Oracle, meeting these challenging problems with innovation is the name of the game.  At the same time, we strive to provide the most complete solutions based on standards for our customers.  This is why we are excited about our event next week.  At this webinar we are taking a "Giant Leap Forward In Identity Management".  Amit Jasuja, Vice President of Identity Management and Security at Oracle, will be sharing the latest news from Oracle on why we believe we are uniquely positioned to solve these business problems for the best organizations on the planet.  Register Today for this exciting event.

Webinar Registration
Wednesday, July 21, 2010
10:00am PDT, 1:00 EDT, 7:00pm CET
Register here

Thursday Jun 10, 2010

Register Today For Free Webinar: Identity Analytics ROI

Is your Identity Compliance project a GIANT Headache?  If so, then we have the little blue pill for your  compliance headache.  The reason why many organizations experience pain in the compliance programs they run is because of the lack of automated tools, impact to productivity and lack of ongoing actionable information.  I have seen this first hand.   Organizations usually rely upon project managers and excel spreadsheets collect information from business units and project teams.  This then leads to massive efforts to fill in information and send them back to the central team for documentation and reporting to the auditors.  Ultimately, this information is old before it is collated into the binders and the report is issued.  However, the real result is usually a GIANT HEADACHE for everyone involved.

As Identity theft outpaces any other theft and security challenges for organizations, the problem needs a more efficient solution with better processes and better tools.  Business leaders will believe in investment when they can see better utilization of key resources, better on-going information, proven segregation of duties, and ultimately better security. 

Niel Gandhi, has the "Advil" for your compliance headache with Oracle Identity Analytics.  Register here for the FREE webinar on the ROI of using Identity Analytics.  He is has years of experience solving these problems for organizations around the world.  Additionally, he has extensive experience as Principal Product Manager, Identity Analytics.  Here are a couple of the topics that he will cover in the event:

  • Automate critical identity-based controls such as attestation and segregation of duties
  • Analyze, mine, and correlate user roles for compliant and efficient user access
  • Build comprehensive reports for audit, compliance, and business purposes
  • Utilize business-friendly compliance dashboards and metrics
  • Give a 360-degree view of user’s access and achieve rapid compliance

However, the ultimate goal of his presentation is to make sure you have concrete ways to help you solve your Compliance Headache without breaking the bank.  Hope to see you there!

Live Webcast: Maximize Compliance ROI With Oracle Identity Analytics
Register Here

Date: Thursday, June 24, 2010
Time: 10:00 am PT / 1:00 pm ET


Thursday Apr 29, 2010

Register Today for this Webinar! Improve Time-to-Market and Reduce Cost with Oracle Directory Services

In some studies, enterprises are spending up to 60% of their IT budgets on operational costs thus impacting the available budget to spend on innovation. The challenge we all face in the identity and IT departments is how to get the most out of our existing licenses and reduce cost where possible in delivering IT projects. One of the costly areas of projects is getting at identity data when it lives in legacy applications. This is especially true when you look at Federation projects, mergers and acquisitions or in data center consolidation projects.

If you are running a Federation project and have to access identity data in legacy or disparate data sources and feel like you are herding cats then this webcast is for you! Virtual directories provide a critical tool for Federation projects as they allow you to expose identity attributes without changing code in legacy applications. Additionally, you have control over how the data is accessed allowing you to manage sensitive service level agreements which can cause difficult political battles in organizations when discussing access.

If you have worked on a data center consolidation project either driven by a merger, acquisition or as part of a cost control exercise you need to have a full bag of tools.  The tools you bring to the project provide the critical agility needed to meet time-lines but also to minimize impact on business operations.  Virtual Directories allow you the ability to connect to data sources without having to alter the application code.  This reduces resource requirements, increases speed but most importantly maximizes business continuity.   

Register here for this webinar and we will look at ways virtual directories can help you become an identity hero in your organization.

Friday Apr 23, 2010

New Oracle Security Newsletter

Oracle Identity and Database Security Teams have created a new Security Newsletter. The Newsletter launches this week and will be distributed to customer's who have signed up for the Newsletter via Oracle.com.

In each edition, you'll find news, blog posts, events, webcasts, and much more covering Oracle's Security Solutions. Whether your focus is on identity management or database security, each issue will be filled with the information you need to secure your database, middleware, and applications, and meet IT compliance requirements.

In this inaugural version of the newsletter you will find content on:

You can see the entire newsletter here

Register for future versions of the newsletter by following the directions here.  You can also see samples of all the different newsletter content that is available to stay current and aware of the latest leading news from Oracle.

About

Sharing 12 years of technology experience as developer, product and program manager, and marketing director. Identity Management, Security, and Product Management issues occupy my mind during the working day. Water Polo keeps me healthy.

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today