Integrating Enterprise Controls with the Cloud

Integrating Enterprise Controls with the Cloud Atul Goyal Senior Principal Product Manager Oracle Identity Management Harish Jangada Managing Partner Techdemocracy LLC October 29, 2015

Oracle Confidential – Internal Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |

Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

Oracle Confidential – Internal 3


Program Agenda

Business Challenges

Integration Patterns for Cloud

Case Study & Demo

Q&A

1

2

3

4



Program Agenda

Business Challenges


Case Study & Demo

Q&A

1

2

3

4



Cloud Adoption Trends


Hybrid Cloud Remains the Preferred Strategy

Types of Corporate Information Adoption Statistics

Ref: CLOUD SECURITY SPOTLIGHT REPORT by Information Security Community on LinkedIn


Cloud Adoption Challenges Central IT Becomes a Cloud Broker

Oracle Confidential – Internal

0 5 10 15 20 25 30 35 40 45 50

Vendor Lock-in

Integration with Existing Infrastructure

Loss of Control

Data Loss and Risks

Security and Compliance

Cloud Adoption Barriers

7


Challenges of the New Digital Economy

• More applications to onboard and manage

• Outdated Request & Fulfillment processes

• Limited visibility across Enterprise, Mobile & Cloud applications

• Manual access certification processes

• Delays revoking unauthorized access

Enabling Users and Maintaining Access Controls



Requirements for the New Digital Economy

• Business Friendly Access Request & Approval Interfaces

• Scalable & Flexible Access Certification

• Automated Provisioning & Closed Loop Remediation

• Management of standard and privileged user accounts

• Common Connector Framework

Unified Identity Governance



Program Agenda

Business Trends


Case Study & Demo

Q&A

1

2

3

4


Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal 11

New Applications AWS, Salesforce, ServiceNow, Concur, WebEx, Box, Cornerstone, Others

Business Challenges

• Manual Processes

• License Monitoring and De-provisioning

• Limited Visibility, monitoring and reporting

• Time consuming and Labor intensive Application on-boarding time

Custom Connector

Applications

Integration Patterns for Cloud Extend Existing IAM Solution


Access Request

Birthright Access

Access Review Policy Management

Oracle Identity Governance

Identity Management Processes

Generic REST and SCIM Connector

Pre-configured Templates

Integration Logic Business Applications

JSON

HTTP/S

Processes • Job Scheduler • Provisioning Workflow

Integration • Event Driven • Polling

• Run-time Payload • Connector / Adapter

Communication • JSON / XML* • HTTP/S • REST / SCIM

Cloud Application Integration Design Standards Based and Extensible


Managed Application Integration Engine


Overview

Generic REST Connector

Generic SCIM Connector Application

Definition Wizard Application Templates

Schema Endpoint

Security Operations

Metadata Generator

REST/SCIM Interface

Run-time Provisioning Process

• Pre Configured App Templates / Define your own Templates

• Reduced Application on-boarding from weeks to hours


Managed Application Integration Engine Define an Application Template

• Pre-defined Schema Configuration

• Pre-defined End-points

• Flexible and Modular approach to create new template

14 Oracle Confidential – Internal


Managed Application Integration Engine Configure Security

• Pre-Defined Authentication for Pre-integrated applications

• Support Username and Password, OAUTH

• Robust framework to meet additional authentication need



Managed Application Integration Engine Discover Schema

• Simplified Schema Discovery

• Schema Extension using Web UI

• Supports Single, multi-valued, Complex attributes



Managed Application Integration Engine Generate Metadata

• Utility to generate Metadata

• Support Provisioning and Reconciliation Features

• Scheduled Task to import metadata and Target reconciliation



Managed Application Integration Engine Auto Install

• Usage Statistics Report

• License Optimization

• Audit Trail and Reports



Managed Application Integration Engine


Run-time Provisioning Process

Provisioning Engine to • Read the configuration from Application

Template • Construct the payload • Use the connector bundle to invoke operation

on the target

OIG

Connector Framework

JSON

Create

Update

Delete

Search

Get

Post

Delete

Patch

Put

HTTP/S


Unified Cloud Governance


Next Generation Identity Governance Solution

Streamline Identity Lifecycle

Management for Saas and Enterprise

Applications with Intelligence

One Brain for Security and Compliance

Controls

Full visibility into seat utilization and

subscription Spend

IAG++ Accounts

Privileges Unstructured

Data

User Activity

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 21

Unified Approach to Complete Identity Governance

Oracle Identity Governance

Self Service Access Request, Password

Management

Platform & Integration Layer

Compliance Access Certification, SOD, Continuous Compliance

Identity Intelligence Operational Reporting,

Access Dashboards

Privileged Access Privileged Access, Privileged

Audit, Session Recording

Common Data Model Role & Policy Library Workflows and Service

Desk Integration Access Catalog

Identity Connector Framework

Cloud On-Premise

Managed Cloud

Cloud Mobile Enterprise

Oracle Confidential – Internal


Program Agenda

Business Challenges


Case Study & Demo

Q&A

1

2

3

4



Demo


Generic REST and SCIM Connector

Pre-configured Templates


Program Agenda

Business Challenges


Case Study & Demo

Q&A

1

2

3

4



Oracle Cloud Platform

26

DATA MANAGEMENT

IT OPERATIONS MANAGEMENT

IDENTITY MANAGEMENT

CONTENT & PROCESS

APPLICATION DEVELOPMENT

INTEGRATION

MOBILE

BUSINESS ANALYTICS


Classroom Training

Learning Subscription

Live Virtual Class

Training On Demand

Keep Learning with Oracle University

education.oracle.com

Cloud

Technology

Applications

Industries


Session Surveys

Help us help you!! • The [Program Committee J1] [organizing committee OW] would like to

invite you to take a moment to give us your session feedback. Your feedback will help us to improve your conference.

• Please be sure to add your feedback for your attended sessions by using the Mobile Survey or in Schedule Builder.


Integrating Enterprise Controls with the Cloud

Technology

Transcript of Integrating Enterprise Controls with the Cloud