con8040 identity as a service - extend enterprise controls and identity to the cloud

Roger WigenstamOracle Identity ManagementSeptember 29, 2014

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |

Identity as a ServiceExtend Enterprise Controls and Identity to the Cloud


Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

Oracle Confidential – Internal/Restricted/Highly Restricted 2


Program Agenda

Cloud Ready Identity Management

Managed Cloud Identity

Public Cloud Identity Services

Customer Presentation – Sanjeev Topiwala, Intuit

1

2

3

Oracle Confidential – Internal/Restricted/Highly Restricted 3

4


Enterprise IT Challenges

CLOUD• Extend Business Processes to Cloud Apps

• Simplify Access to Cloud Apps from Any Device

• Maintain Awareness of Cloud Apps

• Expand Private Cloud Services


On-premise or Private Cloud

Identity Governance

Access Management

Mobile Security

Directory

CLOUD READYIDENTITY SERVICES

MANAGED IDENTITYSERVICES

PUBLIC CLOUD IDENTITY SERVICES

Pre-configured, Oracle Managed Identity Service

Full Enterprise IDM functionality

Manage access to Enterprise and SaaS Apps

Identity as a Service - hosted in the Oracle Cloud

Integrated SSO and User Management

Pre-configured for all major Cloud / SaaS apps

Integrated with Enterprise IDM

Now Now FY15

Oracle Cloud Identity Initiatives


Oracle Cloud Identity Initiatives

On PremiseIDM

Enterprise Apps

Oracle ManagedIDM

Enterprise Apps

On Premise or Oracle Managed

IDM

Enterprise Apps OracleCloud Identity

Services


Oracle Identity GovernanceUnified Approach for Complete Identity Governance

Business-FriendlyRequest Catalog

Streamlined BusinessProcess for Approvals

Intelligent and FlexibleCertification

Scalable and RapidFulfillment

Extensible, Customizable

Privileged Access and Audit


Oracle Access ManagementCloud Access Portal

• Cloud SSO Portal

– Provide seamless access to SaaS, Partner, and OAM protected resources

– Web-based interface that adapts to the device

– RESTful interfaces enable integration and customization

– Cloud SSO through different technologies

• Federation, Form-Fill, Multi-Factor


Authentication

• 250M Users• 3K TPS – 1 server• 5K TPS – 2 servers

Authorization

Oracle Access ManagementScalability for the Cloud


MANAGED IDENTITY SERVICES


Business Drivers for Managed Solutions

• Eliminate need to hire specialized resources

• Eliminate need to install and maintain supporting infrastructure

• Budget limitations for upfront investments

• Seamless integration with hosted/SaaS applications

• Align with broader IT outsourcing strategy

• Operational efficiency


• Distinct offerings for Identity Governance and Access Management

• Hosted by Oracle Managed Cloud Services (OMCS)– Pre-packaged

– Pre-sized

– Rapid deployment with room to scale

• Fully functional, customizable products

• Single-tenant software, dedicated hardware

• Dedicated Oracle solution delivery engineer

• Powered by IDM 11gR2 PS2


Managed Identity as a Service (MIDaaS)Customer owned, Oracle managed


Embassy-Grade Security• Virtual Private Clouds• VPN connectivity to enterprise included• Optional public Internet connectivity • Unique customizable security for firewalls • SSAE16 audited and ISO certified

Performance & Availability• Uptime: 99.9% and up - based on

demand • Complete redundancy• Sub-millisecond access time • 24x7 round-the-clock support

Managed Cloud ServicesSecurity, Quality of Service, and Integration in the Cloud


ACCESS EXTENDEDGOVERNANCE

• Solution Package

• Single Sign-On

• Federation

• Mobile, Social

• OAuth, Secure Tokens

• Identity Store

• Directory Sync

+ Supporting Infrastructure

Managed Identity Offerings

• Solution Package

• User Provisioning

• Role Management

• Certification

• Separation of Duties

• Connectors

+ Supporting Infrastructure

• Any additional IAM functionality

• Mobile Security

• Risk & Fraud Detection

• API Security

• Fine Grained Authorization

• Enterprise Single Sign-On

• Access Portal

• Privileged Access

+ Additional environments

+ Custom topologies & requirements


• Development, Production Support, and Production environments

• DMZ, private mid-tier, and DB deployment tiers

• HA configuration (RAC DB) with full hardware redundancy

• DR (active-passive) option

• 600 GB of storage per environment (configurable)

Managed Identity as a ServiceStandard Environment


• Oracle has over 19 data centers globally

• OMCS currently operates in a select set of Oracle and partner data centers

• North America: Austin, Salt Lake City, and Rocky Mountains

• EMEA: Linlithgow (Scotland), Reading (England)

• APAC: Sydney

• Disaster recovery sites

• Choice of secondary DC determined by primary DC region

OMCS Data CentersGlobal Footprint


• Organizations continue to adopt SaaS applications to meet various business demands including CRM, HCM and Collaboration.

–Quick time to value, reduced infrastructure costs and reduced management overhead are just some of the promised benefits.

• Organizations are also realizing the cost of these benefits:– Lack of visibility and control

– Provisioning & De-provisioning challenges

–Users are forced to remember multiple usernames and passwords

– Traditional enterprise IAM is complex to integrate

Market Trends & ChallengesThe New Digital Experience


Manages SaaS account provisioning and de-provisioning

Simplifies the user experience to access SaaS applications (SSO)

Provides seamless integration with enterprise Identity stores and authentication services

Facilitates compliance activities by clearly reporting on SaaS application usage

SaaSProvisioning

SSO to SaaS

User Portal

Reporting

EnterpriseIntegration

What is needed is a solution that…


Connects your Enterprise with the Cloud

Multi-tenant offering,hosted in the Oracle Cloud

Oracle Cloud Identity ServiceIdentity as a Service


Pre-configuredSaaS Integrations

Automated Password Reset

User Enrollment and Management

Enterprise ID storeConnectivity

Identity GovernanceIntegration

Group to SaaS Account & Entitlement

mapping

Automated Provisioning & De-provisioning

Oracle Cloud Identity ServiceIdentity


Enterprise IDPIntegration

Access ManagementIntegration

AdvancedAuthentication

Single Sign-On to SaaS Applications

Oracle Cloud Identity ServiceAccess


Admin Dashboards

Password Policy

Monitoring & Activity Reports

Configuration & Customization

REST API’s for Programmatic Control

Approvals & WorkflowsUser Portal

Oracle Cloud Identity ServiceAdministration & Self Service


Tenant Registration

SaaS Configuration

User Management &

Enterprise Integration

SaaS Provisioning

User Access Dashboard & Reports

1 2 3 4 5 6

IDaaS ExperianceOnboarding, configuration, access and reporting


User Interface


On-premise or Private Cloud

Governance, Access, Directory




Pre-configured, Oracle Managed Identity Service

Full Enterprise IDM functionality

Identity as a Service - hosted in the Oracle Cloud

Multi-tenant, pre-configured for all major Cloud / SaaS apps

Cloud IdentityRecap


Introduction to Intuit

28


Q & A

con8040 identity as a service - extend enterprise controls and identity to the cloud

Software