Oracle OpenWorld 2015 | CON9456: Mobile Security in the Cloud


Indus Khaitan, Snr. Director, Oracle

Rajesh Pakkath, Snr. Product Manager, Oracle

Rakesh Meena, Snr. Architect, AurionPro

October 26, 2015

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |

Mobile Security in the Cloud


Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.


Program Agenda

1. Enterprise Mobile Trends

2. Oracle Mobile Security Cloud Service

3. Mobile Security Use Cases

4. Q&A

Mobile OS adding more in-built MDM/MAM features

MDM: commoditized and approaching zero dollar value

MAM: more in-built tools and features for enterprise mobile security

LEVERAGE COMMON IDENTITY, AUTHENTICATION AND MANAGEMENT SERVICES ACROSS DEVICES AND PLATFORMS


The Enterprise App Explosion

Source: Portable and Web Apps Dominate in Our Mobile Model, Ensuring Maximum Device Flexibility

Gartner Presentation, The Current and Future State of Mobility, Van L Baker, Jason Wong, August 2015

NEED A CROSS PLATFORM RAPID APP DEVELOPMENT PLATFORM INTEGRATED WITH KEY MOBILE SECURITY FUNCTIONS


Cloud Adoption on the Rise


NEED IDENTITY FEDERATION, HYBRID ACCESS TO CLOUD/ON-PREM AND COMMON POLICIES ACROSS CHANNELS


We are Living in a Breach Culture


NEED RISK/CONTEXT AWARE STRONG AUTHENTICATION ACROSS CHANNELS


Vision of the Future


MOBILE DEVICE CAN BE THE ULTIMATE TOKENLESS AUTHENTICATOR


Program Agenda

1. Enterprise Mobile Trends

2. Oracle Mobile Cloud Platform

3. Mobile Security Use Cases

4. Q&A

Build & Deliver Mobile Apps with Seamless, Secure Access to Mission-Critical Data

Oracle Mobile Platform: Simplifies Enterprise Mobility

[Diagram. Pillars: DEVELOP, INTEGRATE, ANALYSE, SECURE, MANAGE. Services: Mobile Cloud Service, Identity Cloud Service. App types: Custom Mobile Apps, Packaged Mobile Apps, Partner Built Mobile Apps.]

Social Login

Single Sign-On

Reporting & Analytics

Oracle & 3rd Party Connectors

ID Admin & Self Service

Strong Authentication

Oracle Identity Cloud Services

Employees

Partners

Customers

Enables Access by Anyone, from Anywhere, on Any Device

Mobile Identity

Single sign on across mobile apps

Risk / context aware step up authentication

Self service and delegated administration

Certificate LCM

Mobile Application Management

App centric security policies

Inbuilt PIM apps

Zero code wrapping technology

App store for distribution

Secure apps built on MAF and MCS

Mobile Device Management

Device centric security policies

Device enrollment

Device control

Device inventory

Mobile Content Management

Secure container & app tunnel for securely accessing and storing corporate content

Strong DLP policies to avoid data leakage

File manager and doc editor / viewer for secure content collaboration

Multi-channel Application Security

Mobile Security Cloud Service

Risk/context-aware Enterprise Mobility Management

Oracle Mobile Security Cloud Service

IDENTITY CLOUD SERVICE

MOBILE SECURITY

Multi-channel

On-prem Apps

Custom Apps

Oracle, 3rd party, custom MCS SaaS

OTP, KBA, Biometrics

Out of band, Risk/context aware

Simplify App Development, Security & Integration

Oracle Mobile Cloud Service

MOBILE CLOUD SERVICE + IDENTITY CLOUD SERVICE

Engaging front-end experience

Enterprise grade backend with robust security controls

Systems of Record & Services

A set of Cloud-based mobile services designed to make app development & integration quick, secure & easy to deploy.


Risk, context aware access

Mobile as another factor of authentication


Biometrics based authentication for Secure Workspace

Knowledge based authentication using Identity Cloud Service

Time-based One-time Password using Oracle Mobile Authenticator

MOBILE DEVICES ARE THE NEW IDENTITY


Pre-wrapped Oracle Apps


• Hundreds of Oracle on-prem and SaaS apps pre-wrapped with Mobile Security Services

• Security functions include:

– Hybrid SSO across on-prem and SaaS apps

– Data Encryption

– Device Integrity

– Data Leakage Prevention

– App distribution

– Workspace and device control

Easy uptake of Mobile Security Services

BICS

EBS

JDE

Primavera

WCC

Siebel

DOCS

TAP

Program Agenda

1. Enterprise Mobile Trends

2. Oracle Mobile Cloud Platform

3. Mobile Security Use Cases

4. Q&A

Confidential. Copyright © 2015 Aurionpro Solutions. All rights reserved.

Aurionpro at a glance

Founded: 1997

IPO: 2005

Revenue 2013-14: 120 Million USD

NA HQ: San Ramon, California

100+ Customers

33 Fortune 500 Customers

1,340+ Employees

18 Products serving 5 Industries

Solutions delivered in 22 Countries


Leading Retail Pharmacy

Secure in-store shopping experience

• 300k customers, 6k employees, 50+ retail stores

• Store employees

– Business need: Easily interact with customers on the store floor instead of being behind POS systems (Apple store like experience)

– The stores have already issued tablets to access some of this info from the device web browser, but they lack a seamless user experience: the devices are shared, which requires each user to log in to a device-level VPN to access the data

– Provide a native mobile app that employees can log in to using their existing network credentials to securely view customers' purchase history, and suggest and process targeted offers from these shared and controlled tablets

• Customers

– Business need: Manage refills from a mobile app with a view of historical transactions on their own device

– Customer registrations keep increasing by the day and management is getting very complex

Technical Requirements

Cloud based Mobility Management with minimum disruption to business

Store Employees (B2E)

• No re-registration of tablets: use the existing MDM solution to lock down and manage the device

• Allow active users to authenticate to the shared devices using existing network (AD) credentials

• No device level VPN or additional logins should be required

• Enable Kiosk mode: replace the device passcode with corporate credentials and restrict device usage to the Store mobile app only

• Encrypt any customer data accessed and downloaded on the device

Customers (B2C)

• Move to a scalable cloud IDM solution to handle customer registrations, user management and access functions

• Customer transactions and refills should continue to be serviced by the on-prem Customer Information System

• Mobile app distributed via public app stores

• Encrypt any customer data accessed and downloaded on the device

Store Employee Access

[Architecture diagram: Oracle Identity Cloud Service]

Zones: Oracle Cloud; Customer on-prem env

Components: Identity Cloud Service; Mobile Security; MSCS Access Server; Oracle Access Manager; Pharmacy Information System; 3rd party MDM Server; Active Directory; ID Bridge; Store App (Kiosk Mode)

Flows: Authenticate & Access with SSO (App Tunnel); Manage Device (Co-exist); Get Mobile Security Policies; Logout

Customer Access

[Architecture diagram: Oracle Identity Cloud Service]

Zones: Oracle Cloud; Customer on-prem env

Components: Identity Cloud Service (User Management, Identity Management, Authentication, Mobile Security); MSCS Access Server; Customer Information System; Oracle Access Manager; Active Directory (Customer OU); Customer App; Public App Store (Wrapped Customer app)

Flows: Authenticate & Get Mobile Security Policies

Leading Financial Institution

Loan Sourcing - Anytime, Anywhere

• 5000+ on-the-field sales agents working from remote parts of the country

• Business need: Replace the current paper based micro-finance application process with native mobile apps that could enable sales agents to work from any part of the country at any time. This would result in more business to the company and help agents reach their sales targets more effectively.

• No app development expertise available in-house

• Agents want a quick and seamless user experience logging into and using multiple mobile apps

• Need app usage analytics for licensing and ROI calculation

Technical Requirements

Cloud based Mobility Development & Management solution

• Develop a native mobile app that connects to the loan servicing application's REST interfaces and includes a workflow of customer identity vetting provided by a 3rd party SaaS provider

• Allow active users to use their own devices (BYOD) and authenticate to the app using existing network (AD) credentials

• Offline app access and sync to the backend Loan Servicing application is critical, as remote locations may not have a network connection

• Agent access from certain locations should require knowledge based strong authentication

• Agents need to connect to Oracle Document Cloud Service for any loan related files to be uploaded or viewed

• Agents need access to their corporate emails hosted on Office 365

• Application/LOB owners should be able to view app usage analytics

Scalable Mobile Backend and Security solution

[Architecture diagram: Oracle Identity Cloud Service + Mobile Cloud Service]

Zones: Oracle Cloud; Customer on-prem env; 3rd Party Cloud SaaS

Components: Identity Cloud Service (Mobile Security, Risk based Authn); Mobile Cloud Service (Develop, Workflow, Analytics); Document Cloud Service (File Collaboration); MSCS Access Server; Loan Servicing System; Active Directory (IdP); Customer App; Public App Store (O365, Pre-wrapped Oracle DCS); Identity Vetting SaaS; Office 365

Annotations: Hybrid inter-app SSO, Offline access

Protocol labels on the connections: SAML Auth; SAML/OAuth; OAuth

Oracle Identity Cloud Service Summary

1. Identity management + Enterprise Mobility Management in one package

2. Support for risk/context-aware step up authentication and authorization

3. Hybrid SSO across on-prem, Oracle SaaS/PaaS, Oracle MCS and 3rd party SaaS providers

4. Pre-wrapped Oracle Apps on public app stores for easier mobility management uptake
