300 likes | 449 Vues
CON 8810 Who Should Have Access to What – Better Risk M anagement with Identity Governance. Neil Gandhi Product Manager Oracle Identity Governance. Safe Harbor Statement.
E N D
CON 8810 Who Should Have Access to What – Better Risk Management with Identity Governance Neil Gandhi Product Manager Oracle Identity Governance
Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decision. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Session Goals • Understand the current market trends regarding Access Compliance and Risk Management • Realize the benefits of an Identity Governance platform and how it can help meet your everyday Compliance and Risk Management challenges • Hear from and engage with customers regarding their experiences with managing Risk by implementing an Identity Governance solution
Program Agenda • Market Trends • Risk Management & Compliance with Oracle Identity Governance • Panel Discussion • Q&A
Explosion of Scale Millions Of Entitlements 100’s of Thousands of Users 10’s Thousands of Apps Thousands of Systems • Few Administrators • Handful of Audit Staff • Too many privileged accounts
Market TrendsCompliance Requires Business User Participation • Increasing volume and frequency of employee access certifications • Business Users do not understand what they are attesting to • IT and Compliance teams struggle with “Who should have access to what”
Enterprise Certification RequirementsWho’s who & what can they do? Extract Entitlements Review Entitlements Correlate Results Remediate Access • Manual • Error Prone • Expensive Ad Hoc Complex Un-auditable Non-verifiable
Market TrendsScale requirements are increasing Moving from employee to massive scale for even small companies. Cell Phones 5B + Mobile Corp PCs 400M Enterprise Facebook 800M Social China 1.3B Citizen
Risk Management & Compliance with Oracle Identity Governance
Oracle Identity GovernanceGovernance Platform Connectors Provision De-Provision Grant User Access Monitor User Access Check-in/ Checkout Privileged Account Request Role Lifecycle Management Identity Certifications Reporting & Privileged Access Monitoring IT Audit Monitoring Rogue Detection & Reconciliation Access Request Access Catalog Roles Ownership, Risk & Audit Objectives Entitlements Accounts Catalog Management Glossaries
Oracle Identity ManagerProvisioning with Preventative SOD Controls
A Smarter Approach to Identity Compliance Reduce Cost, Time & Risk $ IdentityWarehouse Prioritizing & Automating Certification Closed-Loop Feedback & Remediation Aggregating Information & Building a Catalog Simplified User Experience & Reporting
Automate Identity Based Controls Automated Action is taken based on Periodic Review Report Built And Results Stored in DB Set Up Periodic Review 2 3 4 1 Reviewer Is Notified Goes to Self Service Reviewer Selections What Is Reviewed? Email Resultto User Certify Reject Automatically Terminate User via Closed Loop Remediation Who Reviews It? Decline Notify the Process Owner Archive Attested Data Attestation Actions Delegation Paths Delegate Notify Delegated Reviewer Start When? How Often? Comments
Oracle Identity Manager 11g R2Provisioning Context with Identity Auditor
Leverage data collected to streamline access certification Prioritize certifications based on user risk profiles Aggregate risk profile over the ENTIRE lifecycle High Risk Focusing on What (Who) Matters Most
Applications Identity Data Sources DB Mainframe Risk Based Certification Identity Warehouse Risk Factors Policy Violations Certification History Provisioning Events Roles Entitlements Resources Risk Aggregation Low Risk User High Risk User Bulk Certify Cert360 Approve Reject Focused Sign-off
Automate The Remediation • Focus on Large Scale • Quick Extract Transform Load • Rolling Certifications • Rolling Data Import • Large Volume Remediation Entitlement Report Reduce Remediation Time to Minutes Instead of Days or Weeks • Close Loop Remediation • Reduce Help Desk Volume • Complete Audit Trail • Increase Throughput Entitlement Review Auto-Remediate
Customer Panel Patrick Landry David Mathias Robert House
Join the Oracle Community Twittertwitter.com/OracleIDM Facebookfacebook.com/OracleIDM Oracle Blogs Blogs.oracle.com/OracleIDM Oracle.com/Identity
Innovation Awards 18 Winners Across Eight Categories Lam Research Theater (Next to Moscone North) Session ID: CON8082 Session Title: Oracle Fusion Middleware: Meet This Year’s Most Impressive InnovatorsVenue / Room: YBCA - Lam Research TheaterDate and Time: Monday Sep 23, 4:45 - 5:45 p.m.
Oracle Fusion Middleware Business Innovation Platform for the Enterprise and Cloud • Complete and Integrated • Best-in-class • Open standards • On-premise and Cloud • Foundation for Oracle Fusion Applications and Oracle Cloud Web Social Mobile User Engagement Business Process Management Content Management Business Intelligence Service Integration Data Integration Identity Management Development Tools Cloud Application Foundation Enterprise Management