building a secure cloud with identity management
Post on 19-Oct-2014
Building a Secure Cloud with Identity Management
Marc Chanliau, Director of Product Management, Oracle
Brian Baird, CTO for SaskTel Identity Management Center of Excellence, SaskTel
This document is for informational purposes. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described in this document remains at the sole discretion of Oracle. This document in any form, software or printed matter, contains proprietary information that is the exclusive property of Oracle. This document and information contained herein may not be disclosed, copied, reproduced or distributed to anyone outside Oracle without prior written consent of Oracle. This document is not part of your license agreement nor can it be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates.
Agenda
• Barriers to Cloud Adoption
• Security Gaps Between Enterprise and Cloud
• Oracle Identity Management
• Summary
Security is the #1 Barrier to Cloud Adoption
87% Security main barrier to cloud adoption. Source: IDC Enterprise Panel, 3Q09
52% Concerned with trusting an outside 3rd party. Source: IDC Cloud Security Survey, 2011
41% Fear a security breach from use of security SaaS. Source: IDC Cloud Security Survey, 2011
40% Compliance concerns prevent use of SaaS. Source: IDC Cloud Security Survey, 2011
Cloud Computing saves costs but reduces control, visibility and trust
The Cloud Security Continuum
[Figure: risk (LOW, MED-LOW, MED-HIGH, HIGH) plotted against control (HIGH to LOW) over 1990 to 2008 for Enterprise, Private In House Cloud, Private Hosted Cloud and Public Cloud]
Cloud computing increases risk and decreases control
Risk and Fragmentation Increase Latency
[Figure: axes labelled Fragmentation, Latency and Risk]
• Security silos result in policy fragmentation
• Multiple points of failure
• Security gaps increase vulnerability to breaches
• Poor response to threats
• Latency increases with fragmentation
• Inability to develop and deploy applications and users
Identity Management And The Cloud
• Customer Benefits
  • Reduce Capital Expenses With Subscription Pricing
  • Reduce Management Costs And Simplify Upgrading
  • Leverage Elastic Scalability Services
  • Enable Hybrid Cloud Computing
• Natural Maturation Of The IT Industry
  • Customers Want Fully Integrated Industry-vertical Business Solutions
  • Cost To Integrate & Deploy Is A Major Inhibitor To IdM’s Success; Far Exceeds Cost To Acquire & Manage
  • In The End Very Few Customers Will Want “Parts”
[Figure: progression from Past to Future and from Custom to Standardized Solutions; labels: On-Premise, Outsourced, Managed, Private, Hybrid, Utility, Cloud, SaaS]
Dimensions of Cloud Identity Management
Identity as a Bridge to Cloud
Are you using cloud apps?
Are you building cloud apps?
Do you need IdM but don’t want to maintain it?
Identity as a Foundation for Cloud
Identity Hosted as a Cloud Service
Authentication and SSO
• Access anytime, anywhere from any device
• Mobile authentication, SSO and access control
• Connect Internet and Social identities to enterprise identity
• Seamless integration and control with enterprise
Federated Standards
• Multiple standard support for authentication to multiple clouds
• SAML
• OAuth
• OpenID
• WS-Fed
• Accelerated onboarding of partners and service providers
Employees/Contractors
Partners/ Subsidiaries
SaaS Applications
Social Networks
Authorization
Policy Enforcement for Apps, Middleware and Databases
Evaluate Policies and Enforce Access
Centralized Policy Administration
• Centralized Policy Enforcement
• Distributed Real-time Policy Execution
• Standards-based policies: XACML, RBAC, ABAC, JAAS
Context-Aware Security and Fraud Prevention
[Figure: login form (User: Jdoe, Paswd: 1happycat$); labels: Entitlement Policy, Filtered Private Data]
• Location aware
• Device aware
• Entitlements based
• Enterprise control
• Full audit
Trust but Verify:
Limit Access by Policy
User Provisioning and Role Management
[Figure labels: Managers; Roles, Entitlements; Apps; Users]
• User lifecycle management for on-premise and SaaS applications
• Self-service provisioning and request mgmt
• Flexible – Roles, rules and policies
Audit and Compliance
Audit Reporting
• Access certification
• Risk scoring
• Privileged access control
• Workflow remediation
• Business views
Actionable Intelligence
Oracle Identity Management powered by
Enterprise
Do you need IdM but don’t want to maintain it?
Identity Management Centre of Excellence
• Identity Administration and Provisioning
• Secure Authentication & Token Services
• Directory and Federation
• Access Administration and Review
• Governance and Visibility
• Shared runtime to maximize efficiency
• Oracle product, delivery and support expertise
• Binding shared risk model to ensure success
SaskTel Identity Management Centre of Excellence
Business Drivers for Identity Cloud Adoption
• Same Day vs. Weeks
• Stay business focused
• Program Orientation
• 5 yr savings up to 75%
• No Capital $ required
• Operational $ minimized
Binding SLA
Shared Risk
Multi-tenant vs. Private Identity Cloud Options
Multi-tenant Instance
• Maximize cost savings
• Maximize Time to Value
• Minimize administration
• Integrated OIM 11g Suite Plus
• Secure DMZ termination
• Encrypted VPN connectivity
• Active / Passive redundancy
Private Instance
• More configuration & control
• Deploy specific components
• Secure DMZ termination with optional appliance on premise
• Dual private MPLS VPN option
• Active / Active redundancy available
Why consider SaskTel for Cloud Computing?
• Complete, Open and Integrated
• Innovative, Scalable and Modernized
• Identity Management for Enterprise, Cloud, Mobile and Social environments
• Simplified, Actionable Compliance
• Very strong financial stability
• Committed to Oracle Identity portfolio
• Proven ability to manage secure and complex carrier grade environments
• Global Oracle Technology partnership
• Efficient and successful Identity Program execution is all we do!
Get Started!
① Contact your Oracle License rep
② Define your success criteria
③ Execute Proof of Concept using SaskTel Identity Management Cloud
④ Deliver business value quickly
⑤ Evolve your Identity Management Program with Oracle and SaskTel
Oracle Identity Management Platform Bridges the Gap
Identity
Administration
Audit
Risk Management
AuthN and AuthZ
Adaptive Access
• Context / Risk Aware
• Anomaly detection
• Access certification
Administration
• Role Mgmt
• Provisioning
• Identity Analytics
• Certification
Access
• Single-sign on
• Password policy
• Authorization
Scalable Repository
• Identity Synch
• Identity Virtualization
• Reporting
Directory Services
Reduces latency and fragmentation by consolidating identity data
Access Management
Overcomes security silos by centralizing and consolidating security policies.
Fraud Detection
Reduces risk and latency by preventing fraud in real time
Identity Admin and Governance
Consolidates user roles and entitlements and reduces risk
Tools Point Solutions Platform Intelligence
Oracle Identity Management Platform Reduces Cost
46% Cost Savings
Source: Aberdeen “Analyzing point solutions vs. platform” 2011
Benefits and Oracle IAM Suite Advantage
Increased End-User Productivity
• Emergency Access: 11% faster
• End-user Self Service: 30% faster
Reduced Risk
• Suspend/revoke/de-provision end user access: 46% faster
Enhanced Agility
• Integrate a new app faster with the IAM infrastructure: 64% faster
• Integrate a new end user role faster into the solution: 73% faster
Enhanced Security and Compliance
• Reduces unauthorized access: 14% fewer
• Reduces audit deficiencies: 35% fewer
Reduced Total Cost
• Reduces total cost of IAM initiatives: 48% lower
48% More Responsive
35% Fewer Audit Deficiencies
• Complete, Open and Integrated
• Innovative, Scalable and Modernized
• Identity Management for Enterprise, Cloud, Mobile and Social environments
• Simplified, Actionable Compliance
Oracle Identity Management Summary
IaaS
PaaS
SaaS
• Your Oracle Representative
• Call 1-800-672-2537
Contact
• www.oracle.com/identity
• twitter.com/OracleIDM
• facebook.com/OracleIDM
• Blogs.oracle.com/OracleIDM
Join the Oracle IDM Community
Learn More