Neues von der Oracle Identity Governance Suite. Dr. Stephan Hausmann

Similar documents
Oracle Identity Governance 11g R2: Essentials

Oracle Identity & Access Management

Oracle Identity und Access Management

RSA Identity Management & Governance

Unified Identity Governance

Oracle Identity Governance 11g R2 PS3

Utilizing Oracle Standard Functionality and other Oracle tools to comply with Sarbanes- Oxley By Olga Johnson City of Detroit

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

SOLUTION BRIEF IDENTITY AND ACCESS GOVERNANCE. Simplify Identity Governance and Reduce Risk With the CA Identity Suite

Oracle Identity Manager (OIM) as Enterprise Security Platform - A Real World Implementation Approach for Success

agility made possible

Employee Lifecycle Management in an R12 World

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into

Making intelligent decisions about identities and their access

Learn to streamline User Provisioning process in Oracle Applications with workflows

An Introduction to Oracle Identity Management. An Oracle White Paper June 2008

Identity and Access Governance. Buyer s Guide. By Felicia Thomas

Leverage T echnology: Turn Risk into Opportunity

Oracle Identity Manager 11g: Essentials

Buyer s Guide for a User Provisioning Solution. An Oracle White Paper April 2007

SAP Product Road Map SAP Identity Management

Jeff Carpenter Authentication and Access Specialist RSA, The Security Division of EMC. Copyright 2015 EMC Corporation. All rights reserved.

Fulfilling CDM Phase II with Identity Governance and Provisioning

The Data Opportunity: Using data for economic and social benefit reaping the

An Oracle White Paper April Developers and Identity Services - Bridging Usability and Transparency with Role Provider Service

Accelerating Change: HR in the Cloud GENERAL SESSION. Rajan Krishnan Group Vice President, Product Development Oracle

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

Securely Yours LLC. Identity and Access Management (IAM) IAM in a Cloud Auditing Guidelines IIA Detroit Chapter September 8, 2009

BUYER S GUIDE. Identity Management and Governance

ORACLE ADVANCED ACCESS CONTROLS CLOUD SERVICE

Oracle Policy Automation The modern enterprise advice platform

IDEAS for Identity and Access Governance. Capabilities summary and screenshot selection

Tech Leads IT Con: Fusion HCM Course Content

Reduce Production Incidents with Oracle Enterprise Manager 12c and give yourself a break! Roland Evers

Oracle Product Hub Product Overview, Sales Play, Product Update and Strategy

SOLUTION BRIEF RSA IDENTITY GOVERNANCE & LIFECYCLE SOLUTION OVERVIEW ACT WITH INSIGHT TO DRIVE INFORMED DECISIONS TO MITIGATE IDENTITY RISK

TECH LEADS Fusion HCM #44/A, 3 RD FLOOR, GEETHANJALI APARTMENTS, OPP. BAHAR CAFE SR NAGAR, HYDERABAD

Securing Your Business in the Digital Age

ZKI AK Verzeichnisdienste WÜ

Introducing Infor Xi/Ming.le for M3

The Benefits of Running JD Edwards EnterpriseOne on the Oracle Technology Stack. A.J. Schifano Principal Product Manager Oracle

Identity and Access Management

Delivering Financial Results better with Oracle EPM

Identity Governance and Administration

The 7 Tenets of Successful Identity & Access Management

Achieve Continuous Compliance via Business Service Management (BSM)

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

Identity Management Solutions for Oracle E-Business Suite. An Oracle White Paper January 2008

SYSTEM MONITORING PLUG-IN SYBASE ADAPTIVE SERVER ENTERPRISE

Infor CPM d/epm (Roadmap)

Simplify and Secure: Managing User Identities Throughout their Lifecycles

Oracle Fusion Cloud Vs EBS Upgrade: What suits your business best

Compliance Management Solutions from Novell Insert Presenter's Name (16pt)

Oracle Policy Automation The modern enterprise advice platform

Session ID: S Things You Can Do Today to Prepare for Oracle Fusion Applications

Accelerating Business Execution The Value of Fusion Middleware for Oracle Applications Customers. Leon Chen Sr. Sales Consultant Oracle

Andrew Macdonald ILOG Technical Professional 2010 IBM Corporation

ecommerce Back-Office System Evaluation Checklist

Oracle Project Portfolio Management Cloud

Agenda. Identity & Access management About company midpoint Clients & partners Conclusion

Copyright 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 12

<Insert Picture Here> JD Edwards Roadmap Overview

Security Convergence for the Smarter Grid

Automatically Find and Fix Insecure Database settings with Oracle Management Cloud PRO4284

Release 12.2 Beta Program

Enterprise Program Management

Empower 3 Feature Release 2. New Features. Mr. Jose Wilson Castro Latin America Informatics Director Waters Corporation 1

CHOOSE THE RIGHT IDENTITY & ACCESS MANAGEMENT SOLUTION

Industry specific cover image

Starfish Associates Playbook for Partners Cisco

Oracle Service Cloud. New Feature Summary. Release 18C ORACLE

An Oracle White Paper March Access Certification: Addressing and Building On a Critical Security Control

DocAve Governance Automation

IBM Tivoli Monitoring

PANSOFT White Paper JANUARY Oracle Identity & Access Management

Starfish Associates Playbook for Partners Cisco

SAP Jam Collaboration, enterprise edition

Oracle Policy Automation The modern enterprise advice platform

InfoSphere Warehousing 9.5

SAP Cloud Platform Pricing and Packages

Automating PeopleSoft Segregation of Duties: Financials/HCM/Campus Solutions

Entitlement Management

SAP Jam Collaboration, enterprise edition

SUNSERVERS. Enterprise Computing. Sun Microsystems,

Managing Identity Applications, Securing Databases with Oracle Management Cloud

Oracle s Cloud Computing Strategy

Oracle Fusion Talent Management

PLATFORM CAPABILITIES OF THE DIGITAL BUSINESS PLATFORM

OMADA IDENTITY SUITE OMADA IDENTITY SUITE. - Solution in Detail. - for Microsoft Forefront Identity Manager 2010

Management Pack Plus for Identity Management

Identity & Access Management Enabling e-government. Identity & Access Management (IAM) Defined

SAP Identity Management Overview

Oracle Cloud for the Enterprise John Mishriky Director, NAS Strategy & Business Development

SoftwareIDM s Identity Panel

<Insert Picture Here> Externalizing Identity

Ibm Cognos 8 Virtual View Manager User Guide >>>CLICK HERE<<<

<Insert Picture Here> Latest on Oracle Application Change Management Pack for Oracle E- Business Suite

This Integration Guide explains how to enable the Fiksu data connector within the Adobe Marketing. Fiksu Integration Guide

Business Management System Evaluation Checklist

Transcription:

Neues von der Oracle Identity Governance Suite Dr. Stephan Hausmann

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle s products remains at the sole discretion of Oracle. 2

Agenda Oracle Identity Governance Access Reviews Privileged Account Management Q & A 3

Overview Oracle Identity Governance 4

Complete Identity Governance Collaborative Access Certification Automated Provisioning Common Governance Infrastructure Secure Privileged Account Management Enhanced Performance Approvals Workflow Role Management Websphere Certification Intuitive Access Request IDENTITY GOVERNANCE Privileged Account Management 5

Oracle Identity Governance Governance Platform Manage Access Monitor Access Access Request Privileged Account Request Role Lifecycle Management Check-in/ Checkout Identity Certifications IT Audit Monitoring Rogue Detection & Reconciliation Reporting & Privileged Access Monitoring Roles Access Catalog Entitlements Ownership, Risk & Audit Objectives Accounts Catalog Management Glossaries 6

Oracle Identity Governance 11gR2 PS1 Overall Goals, Themes & Features Single Catalog Enable Access Request, Access Review & Provisioning on a common data model and eliminate the need for synchronization of common identity data Converged Identity Certification, called Identity Auditor Enable Identity Certification features on the Common Data Model, while harnessing the power of Oracle technologies such as ADF, OES, SOA and other technologies to make it consistent with OIM Enable non-technical end users with ADF tools to perform business-friendly, patch-safe UI customizations Business-IT Collaboration in Certifications Further innovate the Certification feature to introduce workflow based sign-off and delegation capabilities for both business & technical reviewers, by leveraging the power of SOA 7

Business User Friendliness Identity Auditor in 11gR2PS1 Usability Enhancements Universal SOA Inbox for organizing governance related tasks Customization/Personalization of Certification UI Inline Certification Analytics Cert History, Action History and Risk Analytics using ADF Charts Further Assistance to deal with Massive Data MS Excel Export/Import Filter/Search/Sort on a consolidated table of all users and their access data Workflow Enhancements Workflow Support to allow Business and IT to collaborate on same certification campaign Delegation Support at all levels Full Certification, Subset of Users, Subset of Access Escalations, Notifications & Proxies using SOA 8

Oracle Identity Governance Platform Suite Oracle Identity Manager Access Certification Reconciliation Provision Identity Administration Access Request Oracle Identity Analytics ERP, DB and Mainframes Fusion Applications Oracle Privileged Account Manager Role Lifecycle Monitoring Dashboards Segregation of Duties Access Certification Cloud Applications Policy Management Password Check-in/ Check-out 9

Access Reviews 10

Oracle Identity Governance Risk-based Certification Applications Identity Warehouse Identity Data Sources Risk Factors DB Mainframe Roles Certification History Entitlements Provisioning Events Resources Policy Violations Risk Aggregation Low Risk User High Risk User Bulk Certify Cert360 Approve Reject Focused Sign-off 11

Certification Process Business User Friendliness Enhanced Usability and Business User Friendliness Universal SOA Inbox for organizing governance related tasks Customization / Personalization of Certification UI Inline Certification Analytics Cert History, Action History and Risk Analytics using ADF Charts Further Assistance to deal with Massive Data MS Excel Export/Import Filter/Search/Sort on a consolidated table of all users and their access data Business-IT Collaboration in Certifications Workflow Support to allow Business and IT to collaborate on same certification campaign Delegation Support at all levels Full Certification, Subset of Users, Subset of Access Escalations, Notifications & Proxies using SOA 12

Oracle Identity Manager 11g R2 Identity Auditor Certification Configuration Familiar OIM interface for configuring certification campaigns Additional controls optional 2-phase (business, IT / data owners) review, final challenge stage and final sign-off Fine-grained control over entitlement certifications e.g. privileged accounts! 13

Certification Configuration Define Name for the certification Define Type of Certification User Application Instance Role Entitlement 14

Certification Configuration Select the Base selection Select the constraints which dictates which entity s are included in certification 15

Certification Configuration Select if you want to include users with no accounts. This will help identify orphan account Select Roles Select App Instances Select Entitlements 16

Certification Configuration Displays the global definition first You can modify the definition as you need. Notice Prevent self certification. Can enable multi phase review 17

Certification Configuration Select Phase 1 reviewer Business Certification Enable Phase 2 (Optional) IT Certification Enable Final Review (Optional) Business Certification Has view on both Phase 1 &2 Can Override Phase 2 decision. 18

Certification Configuration Enable incremental certification Allows you to certify only changed items based on Date Range Show Previous Values Enabling allows all the current values that existed in previous certifications are displayed with the last decisions taken for those access. 19

Certification Multi-Phased Review Business and IT collaborative access review for User certification. o allows to combine within a single certification the perspectives of businessoriented and technical reviewers. o allows a certifier to retain overall responsibility while delegating decisions to others. o Phases are optional. 20

Certification Multi-Phased Review Business Review o Required first phase of review. o Typically the manager of each user. Technical Review o Optional second phase of review. o Typically the owner or an authorizer of each privilege. Final Review o Optional final phase of review. o Primary reviewer from the first phase. o Can override decisions made in technical review. 21

Certification Phase 1 Manager Review 22

Certification Phase 2 Technical Review 23

Certification Final Review 24

Certification Offline Mode 25

Privileged Account Management 26

With Great Power Comes Great Risks Root Access Databases Directory Servers Unix Servers Privileged accounts are a key entry point for fraud Difficult to monitor shared accounts across multiple administrators Excessive access privileges is the number one attack vector against databases 27

Two Big Management Problems IDENTIFYING PRIVILEGED ACCOUNTS TRACKING PRIVILEGED ACCOUNTS 28

Introducing Oracle Privileged Account Manager Secure vault to centrally manage passwords for privileged (exclusive or shared) accounts Targets include Databases, Operating Systems and LDAP Directories, Oracle FMW applications Multiple access points for OPAM users and administrator Automatic password change using Identity Connector Framework Policy based password check-out and check-in Flexible usage policies Customizable audit reports through BI Publisher and real time status Extension to Identity Governance OIM and OIA integration for complete governance 29

A Typical Use Case User logs in as DBA Adds Table to DB System out of space Return DBA password HR Application Database Set DBA password for HR App Database based on password policy for HR App Database Request DBA password Return UNIX password Request UNIX password Verify OPAM User in HR DBA Role User checks in passwords DBA Oracle Privileged Account Manager LDAP Server User logs in as superuser Adds disk space Unix Server 30

User Check-Out Password Screen 31

OPAM Benefits Enforce internal security policies and eliminate potential security threats from privileged users Cost-effectively enforce and attest to regulatory requirements Reduce IT costs through efficient self service and common security infrastructure Real time usage reports Customizable audit reports with BI Publisher 32

www.oracle.com/identity www.facebook.com/oracleidm www.twitter.com/oracleidm blogs.oracle.com/oracleidm 33

34

35

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback