Case Studies

Identity Crisis

A sound strategy for managing users and provisioning information technology resources is essential to corporate survival.

By David Baum

July 2007

More and more businesses are moving online not only to connect to customers but to manage Web-enabled business processes. However, enterprises need to make sure they manage access correctly to minimize problems with compliance and network security. Increasingly, companies are looking to centralized identity management (IDM) solutions to protect sensitive information, authorize users and manage access to network resources. The newer solutions work with business applications and govern access to many types of computer platforms, information systems, and user access scenarios.


Learn how MphasiS, which supplies business process outsourcing services to large companies, uses Oracle Identity Manager to achieve consistent security practices. As a result of IDM technology, reporting processes linked with regulatory compliance have been simplified. MphasiS also likes the fact that Oracle Identity Manager is flexible, comprehensive and based on industry standards.

Silicon Image, which creates semiconductor solutions for high-definition multimedia and data storage applications, wanted to create auditable, consistent, authorization procedures for all of its users. Learn why it selected Oracle Identity Manager to manage all of their user access and authorization needs, along with Sarbanes-Oxley compliance requirements that call for strict financial controls and keeping close tabs on who can access financial systems.

Bangalore, India


Annual revenue:
US$212 million

Oracle products and services:
Oracle Identity Management, Oracle E-Business Suite 11i

Silicon Image
Sunnyvale, California


Annual revenue:
US$295 million

Oracle products and services:
Oracle Identity Management, Oracle Database 10g, Oracle E-Business Suite, Oracle Portal, Oracle SOA Suite

Today's businesses are moving online—not just to connect with customers but to conduct a vast array of business activities, from routing purchase orders to managing supply chains. While most of these Web-enabled business processes come with immediate payoffs in efficiency, with the benefits comes the challenge of controlling access to the various business systems. How enterprises handle this roadblock can have a serious impact on compliance and network security.

"On one hand, you must be more open, more available, more internet-enabled," points out Hasan Rizvi, vice president of identity management and security products at Oracle. "On the other hand, opening your systems to online access makes you more vulnerable to attack, from both internal and external users."

As security threats increase in volume and sophistication, many companies are adopting modern identity management (IDM) technology to more systematically authorize users, protect sensitive data, and control access to network resources. According to IDC Research Director Sally Hudson, IDM technology works by associating specific rights and restrictions with each user's established identity. User provisioning, access control, and directory services are critical components of most IDM portfolios, because they govern how employees, contractors, vendors, partners, customers, and other stakeholders use IT resources—and protect access to sensitive data.

Historically, user authentication and authorization was handled by directories associated with specific business applications and computer platforms—often in the form of simple lists of users and their access privileges. This worked fine for homogeneous computing systems ensconced behind a firewall. But controlling access within today's network environments, which support many types of information systems and users, dispersed workforces, and internet access via mobile devices, is more difficult—particularly in the face of strict compliance regulations.

Rizvi explains that there are three primary business drivers for adopting IDM solutions: securing corporate information, complying with regulatory policies, and improving efficiency for both users and IT professionals as they contend with increasingly complex IT environments.

Some companies are meeting these requirements by deploying application-centric IDM systems that work hand-in-hand with their business applications. These systems are usually anchored by the human resources management system (HRMS), where provisioning functions naturally start within an organization. Whereas older IDM systems were siloed and typically platform-centric because they revolved around homogeneous computing environments, these newer IDM systems govern access to many types of information systems, computer platforms, and user access scenarios.

"Application-centric IDM technology addresses the pervasive issue of who-had-access-to-what-when-and-where," says IDC's Hudson. "It gives you secure single-sign-on capabilities, leads to more-efficient resource provisioning, and streamlines authentication procedures. You can't have a secure IT enterprise without having a portfolio of these products."

Driven by Security

Ensuring the security of its client's software assets is what led MphasiS to adopt a centralized IDM solution. The Bangalore, India-based company, which supplies business process outsourcing services to large companies, walks a tightrope between enabling its remote operations teams to freely access client information and complying with stringent security policies set by both clients and government regulators. MphasiS has 12,000 employees working in multiple industries, including financial services, transportation, and technology. With thousands of people managing dozens of customer engagements at any time, the global IT services provider needs to streamline access to client applications without compromising security.

MphasiS sought a centralized IDM solution that could provision user identities among a variety of applications in a consistent way. Since each of its clients has different types of systems—along with differing policies and procedures for authorizing users—the solution had to be flexible, comprehensive, and industry standards-based. "We must be able to demonstrate that our procedures for provisioning users and accessing network resources are extremely robust, even as we control the high cost of managing user accounts and credentials in a dynamic business environment," explains Abnash Singh, group chief information officer at MphasiS.

The company uses Oracle Identity Manager to provision and manage user accounts across Microsoft Active Directory, Microsoft Exchange, Verint quality management system, and Ramco HR software, as well as to interface with physical access management systems from Siemens and Zicom. According to Singh, the Oracle software has enabled MphasiS to implement consistent security practices for its contact center and simplify reporting processes associated with regulatory compliance. Best of all, the new IDM system sets the company apart as a purveyor of industry-leading security practices—an essential differentiator in the competitive business process outsourcing market.

Photography by Shutterstock