Mark Robison, Enterprise Architect, ING
Neil Gandhi, Principal Product Manager, Oracle
ING: Scaling Role Management and Access
Certification to Thousands of Applications
This document is for informational purposes. It is not a commitment
to deliver any material, code, or functionality, and should not be relied
upon in making purchasing decisions. The development, release,
and timing of any features or functionality described in this document
remains at the sole discretion of Oracle. This document in any form,
software or printed matter, contains proprietary information that is the
exclusive property of Oracle. This document and information
contained herein may not be disclosed, copied, reproduced or
distributed to anyone outside Oracle without prior written consent of
Oracle. This document is not part of your license agreement nor can
it be incorporated into any contractual agreement with Oracle or its
subsidiaries or affiliates.
Speakers
• Mark Robison, Enterprise Architect
• Neil Gandhi, Principal Product Manager
Agenda
• Business Drivers
• Implementation
• The Platform Approach
• Results & Lessons Learnt
• Use Cases & Deployment Synergies
• Q&A
ING Environment at a Glance
Oracle Access
Manager
• Fortune Global 500
• Over 29 M customers
• Over 16K US employees*
• 600 attested resources
• Centralized Security
• Full Auditability
*Includes managed contractors
State of Business Prior to Implementation
Existing System – home grown and spreadsheet based
Project scope - Role Based
The problem of scale - 520 critical apps
Disparate systems – No single audit source
Key stakeholders – LoB, Security (CSO), IT
Business Drivers for ING
Regulatory Compliance
• Scaling compliance across applications & users
Operational Efficiency
• Reduce redundant effort, administrative overhead
Personalized User Experience
• Improve user productivity, SLA
Risk Mitigation
• Close security gaps with instant and accurate user account/lifecycle management
ING IAM Implementation
Current Scope
• Internal users
• User Population: 16K
• Initial focus on 520 SOX-critical applications
Immediate Goals
• Replace home grown system for scale, efficiency
• Single Platform to handle access management
Key Features
• Roles based
• Automatic user access attestation on transfer
• Integration with Oracle Identity Manager (OIM) for full lifecycle management
Phase-In Approach at ING
Perimeter Security Revokes (OIM) - 2009
• Automate the revoke of key perimeter security access for all employees that are terminated
• PeopleSoft HR is triggering system
• Network access (Active Directory)
• Email (Exchange)
• RACF (Mainframe)
• Benefits
• Real Time account disable on termination event
Password Management (Oracle ESSO) - 2007
• Provide mechanism for end user to have a single login for multiple applications
• Provide for self service password resets – 12/2010
• Benefits
• User does not have to memorize multiple credentials
• Reduced calls to help desk for password resets (40% reduction)
Retirement - Insurance - Investments
Phase-In Approach at ING
Access Attestation (OIA) – 11/1/2010
• Replaced custom developed attestation program with OIA product
• Provides quarterly manager based review for employee’s application access
• Currently supports over 600 application feeds (520 SOX critical)
• Integrated with PeopleSoft HR, Service-Now (Help Tickets and Configuration Management Database)
• Provides immediate manager review process for employee’s application access on employee transfer event
• Benefits
• Easier attestation experience for managers
• Audit compliance
Base Role Access (OIM) – 12/15/2010
• Automate Base Role Access on New Hire event from HR
• Active Directory, Exchange, Ariba (Procurement), Service-Now (Help Desk, CMDB), Clarity (Time Tracking), PeopleSoft HR (Benefits, Pay), ESSO, etc.
• Benefits
• Standardization of user setup
• Reduced new hire provisioning time (From 7 days to instant)
Phase-In Approach at ING
Simple AD Application Access (OIM) – 3/1/2011
• Automate simple AD security based applications and integrate with Service-Now for manager requested provisioning
• Benefits
• Consistent, timely provisioning
• Reduction of Security Fulfillment Staff (10 consultants)
Implementation of ING Contact Centers (OIA and OIM) - 2011
• Develop Role Matrix for all contact center staff
• Identify and integrate all applications into new provisioning process
• Where cost effective & technically viable, applications are automatically provisioned using OIM
• All other applications will be manually provisioned (from OIM) by integrating OIM to the Service-Now Help Desk ticketing system
Implementation of all ING Business Units (OIA and OIM) – 2012 +
• Develop Role Matrix for all other organizations
• Identify and integrate all applications into new provisioning process
Methods of Attestation – Initial Method with OIA
• Resource Based Attestation
• Manager must attest to all employees’ access in all applications
• Results in many attestation reports per manager
• Manager does not “know” if level of access is appropriate
• Encourages “rubber stamping”
[Diagram: Manager, Employees, Applications (Application A, Platform B, Application C, System D)]
Methods of Attestation – Future Plan with OIA
• Role Based Attestation
• A Business Role defines what IT roles a user should have to perform only their specific job function
• IT Roles determine the level of access required within application/platform
• Manager attests that employees are in correct Business Role
• Business Role Owner attests that the IT roles make up the correct access needed to perform job function
• IT Role Owner attests that correct application entitlements are set in IT role
[Diagram: Manager, Employees, Business Roles (Role A, Role B, Role C), Business Role Owners, and Application A, Platform B, Application C, System D]
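The two attestation methods above, modeled as an added example (not part of the original presentation): it counts the review items each attester receives under resource-based and role-based attestation and, going one step beyond the slide, flags access that no role explains. All users, managers, owners, role names and entitlements are constructed for illustration.

```python
from collections import Counter

# Constructed sample data (not from the presentation).
# IT role -> application entitlements it grants
IT_ROLES = {
    "IT-CRM-Agent": {("Application A", "read_case"), ("Application A", "update_case")},
    "IT-Mainframe-Inquiry": {("System D", "inquiry")},
    "IT-Billing-Adjust": {("Application C", "post_adjustment"), ("Platform B", "batch_submit")},
}
# Business role -> IT roles needed for that job function
BUSINESS_ROLES = {
    "Contact Center Rep": {"IT-CRM-Agent", "IT-Mainframe-Inquiry"},
    "Billing Specialist": {"IT-Mainframe-Inquiry", "IT-Billing-Adjust"},
}
BUSINESS_ROLE_OWNER = {"Contact Center Rep": "owner_cc", "Billing Specialist": "owner_billing"}
IT_ROLE_OWNER = {
    "IT-CRM-Agent": "owner_crm",
    "IT-Mainframe-Inquiry": "owner_mf",
    "IT-Billing-Adjust": "owner_fin",
}
# Employee -> (manager, business role)
EMPLOYEES = {
    "alice": ("mgr1", "Contact Center Rep"),
    "bob": ("mgr1", "Contact Center Rep"),
    "erin": ("mgr1", "Contact Center Rep"),
    "carol": ("mgr1", "Billing Specialist"),
    "dave": ("mgr2", "Billing Specialist"),
    "frank": ("mgr2", "Billing Specialist"),
}
# Access held outside the role model, e.g. kept after a transfer
LEFTOVER = {"bob": {("Application C", "post_adjustment")}}


def expected_access(user):
    """Entitlements the user's business role implies via its IT roles."""
    _, business_role = EMPLOYEES[user]
    return set().union(*(IT_ROLES[r] for r in BUSINESS_ROLES[business_role]))


def actual_access(user):
    """Stand-in for what the application feeds report for this user."""
    return expected_access(user) | LEFTOVER.get(user, set())


def resource_based_items():
    """One review item per employee per entitlement, all sent to the manager."""
    return [
        (EMPLOYEES[user][0], user, app, ent)
        for user in sorted(EMPLOYEES)
        for app, ent in sorted(actual_access(user))
    ]


def role_based_items():
    """Three review layers, each sent to the party able to judge it."""
    items = [  # manager: is the employee in the correct business role?
        (mgr, "membership", user, role)
        for user, (mgr, role) in sorted(EMPLOYEES.items())
    ]
    items += [  # business role owner: do these IT roles fit the job function?
        (BUSINESS_ROLE_OWNER[b], "composition", b, r)
        for b in sorted(BUSINESS_ROLES)
        for r in sorted(BUSINESS_ROLES[b])
    ]
    items += [  # IT role owner: are the entitlements in the IT role correct?
        (IT_ROLE_OWNER[r], "entitlement", r, e)
        for r in sorted(IT_ROLES)
        for e in sorted(IT_ROLES[r])
    ]
    return items


def workload(items):
    """Number of review items per attester."""
    return Counter(item[0] for item in items)


def out_of_role_access():
    """Access no role explains; none of the three role reviews would show it."""
    findings = {}
    for user in EMPLOYEES:
        extra = actual_access(user) - expected_access(user)
        if extra:
            findings[user] = extra
    return findings


if __name__ == "__main__":
    print("resource-based:", dict(workload(resource_based_items())))
    print("role-based:    ", dict(workload(role_based_items())))
    print("out of role:   ", out_of_role_access())
```

Role-based reviews cover only access granted through roles, so the leftover entitlement on bob passes all three reviews unnoticed and surfaces only in the reconciliation step.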
The Bigger Picture
Oracle Identity Analytics (OIA), Oracle Identity Manager (OIM), and Oracle
Enterprise Single Sign-On (OESSO) provide a comprehensive and
integrated suite of products that allow ING to effectively manage identity and
access management.
The applications are game changers that have greatly enhanced ING’s
Operational Efficiency.
Down The Road: Future Plans & Drivers
Increase Automated Provisioning
• Custom Connectors to Applications
Extend Scope to External Identities – Customers
• Provisioning/Attestations
Expand Identity Warehouse
• Support Additional Feeds
OIM and OIA Synergies at ING
OIA – The BRAINS
• Allows Modeling of roles
• Supports user attestation
• Supports Segregation of Duty checks
OIM – The MUSCLE
• Provisioning and Deprovisioning engine
• Access Reconciliation
• Identity Data Warehouse
ING Business Value
• The time to get new employees access to all required applications is reduced. (<24 hours)
• The process of user access review is simplified. (Role Based)
• Closed Loop Remediation on attestation is accomplished using OIA and OIM.
• IT / Application roles are clearly defined, including the specific IT entitlements so error rates and re-work efforts are significantly reduced.
• Where feasible, applications are automatically provisioned, based on pre-approved business & application roles to reduce fulfillment time and errors.
• Reporting and fulfillment validation capabilities provide more complete audit options while reducing the associated costs.
• Separation of Duties conflicts are easier to manage.
• Can manage the lifecycle of an identity from new hire, transfer, to termination.
Implementation Lessons Learned
Executive Sponsorship
• IAM (Identity and Access Management) implementation projects cross organizational boundaries and require strong sponsorship to set direction and priorities
• Governance function with engaged stakeholders from management, business, and Information Technology is challenging to establish, but vital for the long term
Business Focus
• Achieve clarity on the business challenges being addressed by the IAM solution
• Identify business drivers – Compliance, Risk Management, Cost Control, Business Facilitation – based upon enterprise needs and determine priority with stakeholders
Change Leadership
• Obtaining organizational buy-in for moving from application-specific to enterprise identity and access management is an exercise in diplomacy
• Provisioning project spans the whole organization - 75% Process + 25% Technology
• Curb your enthusiasm – don’t over-scope your Phase 1 implementation
Value Delivery
• Initial IAM projects should deliver "quick wins" to build business support for continuing the IAM program
• The “big-bang” implementation approach is unlikely to build stakeholder trust and involvement required for continuing along the IAM maturity curve
Implementation Lessons Learned
Non Production Target Environments
• In order to reduce the risk and avoid testing in production, non-production target environments are required to test connectors (AD, Exchange, RACF)
• It is critical for non-production target environments to have the same data and schema as the production target environments
Standard User ID
• Account ID format conventions in use could present challenges or constraints on uniqueness, consistency, and ease of remembering
• Opportune time to standardize the login ID
• May require multiple standards based on platform limitations; a handful of standard patterns are better than free form
Technology Integration
• Determine point of diminishing returns for automated and manual processes
• Pilot the implementation to prove the solution
• Implement the solution by delivering in phases (top value first)
• Test performance and functionality
IAM Experience
• IAM projects have unique characteristics, so domain experience is vital
• IAM projects are complex and demand effective managers who can not only track schedule and budget, but effectively communicate with a diverse set of stakeholders and make sure everyone is pulling in the same direction
Scale and Simplicity
• A Few Administrators
• Handful of Help Desk Staff
• Key front-office features automation:
• Access Request & Access Certification
• Cross product knowledge of common identity data and policies
• Role-based User Administration
• Preventative Separation of Duties (SoD) Enforcement
• User Risk Aggregation and Auditing
• Analytics and Reporting
Oracle Identity Manager – Oracle Identity Analytics
Use Cases
Oracle Identity Manager – Oracle Identity Analytics
Unique Value Proposition
[Diagram: User On-boarding, User Access Change, User Off-board, SOD Checking, Aggregate Risk Score]
• Access Request and Access Certification Automation
• Risk Aggregation throughout User Lifecycle
• Scales & expedites certification process
• Builds in accuracy
• Closed-Loop Remediation
• Streamlined User, Role Management
Platform Reduces Cost vs. Point Solutions
46% Cost Savings
Source: Aberdeen “Analyzing point solutions vs. platform” 2011
Benefits (Oracle IAM Suite Advantage)
Increased End-User Productivity
• Emergency Access: 11% faster
• End-user Self Service: 30% faster
Reduced Risk
• Suspend/revoke/de-provision end user access: 46% faster
Enhanced Agility
• Integrate a new app faster with the IAM infrastructure: 64% faster
• Integrate a new end user role faster into the solution: 73% faster
Enhanced Security and Compliance
• Reduces unauthorized access: 14% fewer
• Reduces audit deficiencies: 35% fewer
Reduced Total Cost
• Reduces total cost of IAM initiatives: 48% lower
48% More Responsive
35% Fewer Audit Deficiencies
Oracle Identity Management Platform
Complete, Innovative and Inter-operable
Identity Administration,
Governance
• Password Management
• Self-Service Request & Approval
• Roles based User Provisioning
• Analytics, Policy Monitoring
• Risk-based Access Certification
Access Management
• Single Sign-On & Federation
• Web Services Security
• Authentication & Fraud Prevention
• Authorization & Entitlements
• Access from Mobile Devices
Directory Services
• LDAP Storage
• Virtualized Identity Access
• LDAP Synchronization
• Next Generation (Java) Directory
Platform Security Services
Identity Services for Developers
Why Oracle ?
• Strategic Partner
• Platform Synergies
• Comprehensive, Best-in-Class
• Proven Solutions, Team
Aberdeen Online Identity Assessment
Benchmark Your Identity & Access Program
www.oracle.com/Identity
Aberdeen Group Event Series
Featuring Analyst Derek Brink
• New York: April 12th
• Toronto: April 17th
• Boston: April 19th
• Chicago: April 10th
• San Francisco: May 22nd
Live Platform Webcast Series
Customers Discussing Results of Platform Approach
• Platform Best Practices: Agilent Technologies, February 15th 2012 (Replay available)
• Cisco’s Platform Approach: Cisco Systems, March 14th 2012
• Platform for Compliance: ING Bank, April 11th 2012
• Platform Business Enabler: Toyota Motors, May 30th 2012
Register at: www.oracle.com/identity
Identity Management at COLLABORATE 12
Deep Dive, User-Driven Sessions, and More
Register at: http://w3.ioug.org/C12IM
• April 22 – 26, Las Vegas
• Sunday, Apr 22, 9 am – 3 pm
Security and Compliance for your Oracle Systems
• Multiple Security, Identity Management sessions (Keyword search: Identity Management)
www.facebook.com/OracleIDM
www.twitter.com/OracleIDM
blogs.oracle.com/OracleIDM
www.oracle.com/Identity
Q&A

Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 

Último (20)

Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
Plant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptxPlant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptx
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 

ING webcast platform

  • 1. ING: Scaling Role Management and Access Certification to Thousands of Applications. Mark Robison, Enterprise Architect, ING; Neil Gandhi, Principal Product Manager, Oracle
  • 2. This document is for informational purposes. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described in this document remains at the sole discretion of Oracle. This document in any form, software or printed matter, contains proprietary information that is the exclusive property of Oracle. This document and information contained herein may not be disclosed, copied, reproduced or distributed to anyone outside Oracle without prior written consent of Oracle. This document is not part of your license agreement nor can it be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates.
  • 4. Agenda • Business Drivers • Implementation • The Platform Approach • Results & Lessons Learnt • Use Cases & Deployment Synergies • Q&A
  • 5. ING Environment at a Glance Oracle Access Manager • Fortune Global 500 • Over 29 M customers • Over 16K US employees* • 600 attested resources • Centralized Security • Full Auditability *Includes managed contractors
  • 6. State of Business Prior to Implementation Oracle Access Manager Existing System – home grown and spreadsheet based Project scope - Role Based The problem of scale - 520 critical apps Disparate systems – No single audit source Key stakeholders – LoB, Security (CSO), IT
  • 7. Business Drivers for ING Oracle Access Manager Regulatory Compliance • Scaling compliance across applications & users Operational Efficiency • Reduce redundant effort, administrative overhead Personalized User Experience • Improve user productivity, SLA Risk Mitigation • Close security gaps with instant and accurate user account/lifecycle management
  • 8. ING IAM Implementation Oracle Access Manager Current Scope • Internal users • User Population: 16K • Initial focus on 520 SOX-critical applications Immediate Goals • Replace home grown system for scale, efficiency • Single Platform to handle access management Key Features • Roles based • Automatic user access attestation on transfer • Integration with Oracle Identity Manager (OIM) for full lifecycle management
  • 9. Phase-In Approach at ING Perimeter Security Revokes (OIM) - 2009 • Automate the revoke of key perimeter security access for all employees that are terminated • PeopleSoft HR is triggering system • Network access (Active Directory) • Email (Exchange) • RACF (Mainframe) • Benefits • Real Time account disable on termination event Password Management (Oracle ESSO)- 2007 • Provide mechanism for end user to have a single login for multiple applications • Provide for self service password resets – 12/2010 • Benefits • User does not have to memorize multiple credentials • Reduced calls to help desk for password resets (40% reduction) Retirement - Insurance - Investments 9
  • 10. Phase-In Approach at ING Access Attestation (OIA) – 11/1/2010 • Replaced custom developed attestation program with OIA product • Provides quarterly manager based review for employee’s application access • Currently supports over 600 application feeds (520 SOX critical) • Integrated with PeopleSoft HR, Service-Now (Help Tickets and Configuration Management Database) • Provides immediate manager review process for employee’s application access on employee transfer event • Benefits • Easier attestation experience for managers • Audit compliance Base Role Access (OIM) – 12/15/2010 • Automate Base Role Access on New Hire event from HR • Active Directory, Exchange, Ariba (Procurement), Service-Now (Help Desk, CMDB), Clarity (Time Tracking), PeopleSoft HR (Benefits, Pay), ESSO, etc. • Benefits • Standardization of user setup • Reduced new hire provisioning time (From 7 days to instant)
  • 11. Phase-In Approach at ING Simple AD Application Access (OIM) – 3/1/2011 • Automate simple AD security based applications and integrate with Service-Now for manager requested provisioning • Benefits • Consistent, timely provisioning • Reduction of Security Fulfillment Staff (10 consultants) Implementation of ING Contact Centers (OIA and OIM) - 2011 • Develop Role Matrix for all contact center staff • Identify and integrate all applications into new provisioning process • Where cost effective & technically viable, applications are automatically provisioned using OIM • All other applications will be manually provisioned (from OIM) by integrating OIM to the Service-Now Help Desk ticketing system Implementation of all ING Business Units (OIA and OIM) – 2012 + • Develop Role Matrix for all other organizations • Identify and integrate all applications into new provisioning process
  • 12. Methods of Attestation – Initial Method with OIA • Resource Based Attestation • Manager must attest to all employees' access in all applications • Results in many attestation reports per manager • Manager does not “know” if level of access is appropriate • Encourages “rubber stamping” (Diagram: Manager, Employees, Applications: Application A, Platform B, Application C, System D)
  • 13. Methods of Attestation – Future Plan with OIA • Role Based Attestation • A Business Role defines what IT roles a user should have to perform only their specific job function • IT Roles determine the level of access required within application/platform • Manager attests that employees are in the correct Business Role • Business Role Owner attests that the IT roles make up the correct access needed to perform job function • IT Role Owner attests that correct application entitlements are set in IT role (Diagram: Manager, Employees, Business Roles Role A, Role B and Role C with their Business Role Owners, mapped to Application A, Platform B, Application C, System D)
  • 14. The Bigger Picture Oracle Identity Analytics (OIA), Oracle Identity Manager (OIM), and Oracle Enterprise Single Sign-On (OESSO) provide a comprehensive and integrated suite of products that allow ING to effectively manage identity and access management. The applications are game changers that have greatly enhanced ING’s Operational Efficiency.
  • 15. Down The Road: Future Plans & Drivers Increase Automated Provisioning • Custom Connectors to Applications Extend Scope to External Identities – Customers • Provisioning/Attestations Expand Identity Warehouse • Support Additional Feeds
  • 16. OIM and OIA Synergies at ING OIA – The BRAINS • Allows Modeling of roles • Supports user attestation • Supports Segregation of Duty checks OIM – The MUSCLE • Provisioning and Deprovisioning engine • Access Reconciliation • Identity Data Warehouse
  • 17. ING Business Value • The time to get new employees access to all required applications is reduced. (<24 hours) • The process of user access review is simplified. (Role Based) • Closed Loop Remediation on attestation is accomplished using OIA and OIM. • IT / Application roles are clearly defined, including the specific IT entitlements so error rates and re-work efforts are significantly reduced. • Where feasible, applications are automatically provisioned, based on pre-approved business & application roles to reduce fulfillment time and errors. • Reporting and fulfillment validation capabilities provide more complete audit options while reducing the associated costs. • Separation of Duties conflicts are easier to manage. • Can manage the lifecycle of an identity from new hire, transfer, to termination.
  • 18. Implementation Lessons Learned Executive Sponsorship: • IAM (Identity and Access Management) implementation projects cross organizational boundaries and require strong sponsorship to set direction and priorities • Governance function with engaged stakeholders from management, business, Information Technology is challenging to establish, but vital for the long-term Business Focus: • Achieve clarity on the business challenges being addressed by the IAM solution • Identify business drivers – Compliance, Risk Management, Cost Control, Business Facilitation – based upon enterprise needs and determine priority with stakeholders Change Leadership: • Obtaining organizational buy-in for moving from application-specific to enterprise identity and access management is an exercise in diplomacy • Provisioning project spans the whole organization - 75% Process + 25% Technology • Curb your enthusiasm – don’t over-scope your Phase 1 implementation Value Delivery: • Initial IAM projects should deliver "quick wins" to build business support for continuing the IAM program • The “big-bang” implementation approach is unlikely to build stakeholder trust and involvement required for continuing along the IAM maturity curve
  • 19. Implementation Lessons Learned Non Production Target Environments: • In order to reduce the risk and avoid testing in production, non-production target environments are required to test connectors (AD, Exchange, RACF) • It is critical for non-production target environments to have the same data and schema as the production target environments Standard User ID: • Account ID format conventions in use could present challenges or constraints on uniqueness, consistency, and ease to remember • Opportune time to standardize the login ID • May require multiple standards based on platform limitations, a handful of standard patterns are better than free form Technology Integration: • Determine point of diminishing returns for automated and manual processes • Pilot the implementation to prove the solution • Implement the solution by delivering in phases (top value first) • Test performance and functionality IAM Experience: • IAM projects have unique characteristics, so domain experience is vital • IAM projects are complex, demand effective managers who can not only track schedule and budget, but effectively communicate with a diverse set of stakeholders and make sure everyone is pulling in the same direction
  • 20. Scale and Simplicity • A Few Administrators • Handful of Help Desk Staff
  • 21. • Key front-office features automation: • Access Request & Access Certification • Cross product knowledge of common identity data and policies • Role-based User Administration • Preventative Separation of Duties (SoD) Enforcement • User Risk Aggregation and Auditing • Analytics and Reporting Oracle Identity Manager – Oracle Identity Analytics Use Cases
  • 22. Oracle Identity Manager – Oracle Identity Analytics Unique Value Proposition (Diagram: User On-boarding, User Access Change, User Off-board, SOD Checking, Aggregate Risk Score) • Access Request and Access Certification Automation • Risk Aggregation throughout User Lifecycle • Scales & expedites certification process • Builds in accuracy • Closed-Loop Remediation • Streamlined User, Role Management
  • 23. Platform Reduces Cost vs. Point Solutions (Source: Aberdeen “Analyzing point solutions vs. platform” 2011) Callouts: 46% Cost Savings, 48% More Responsive, 35% Fewer Audit Deficiencies. Benefits and Oracle IAM Suite Advantage: Increased End-User Productivity • Emergency Access: 11% faster • End-user Self Service: 30% faster Reduced Risk • Suspend/revoke/de-provision end user access: 46% faster Enhanced Agility • Integrate a new app faster with the IAM infrastructure: 64% faster • Integrate a new end user role faster into the solution: 73% faster Enhanced Security and Compliance • Reduces unauthorized access: 14% fewer • Reduces audit deficiencies: 35% fewer Reduced Total Cost • Reduces total cost of IAM initiatives: 48% lower
  • 24. Oracle Identity Management Platform Complete, Innovative and Inter-operable Identity Administration, Governance • Password Management • Self-Service Request & Approval • Roles based User Provisioning • Analytics, Policy Monitoring • Risk-based Access Certification Access Management • Single Sign-On & Federation • Web Services Security • Authentication & Fraud Prevention • Authorization & Entitlements • Access from Mobile Devices Directory Services • LDAP Storage • Virtualized Identity Access • LDAP Synchronization • Next Generation (Java) Directory Platform Security Services Identity Services for Developers
  • 25. Why Oracle ? • Strategic Partner • Platform Synergies • Comprehensive, Best-in-Class • Proven Solutions, Team
  • 26. Aberdeen Online Identity Assessment Benchmark Your Identity & Access Program www.oracle.com/Identity
  • 27. New York April 12th Toronto April 17th Boston April 19th Chicago April 10th Aberdeen Group Event Series Featuring Analyst Derek Brink San Francisco May 22nd
  • 28. Platform Best Practices Agilent Technologies February 15th 2012 (Replay available) Live Platform Webcast Series Customers Discussing Results of Platform Approach Cisco’s Platform Approach Cisco Systems March 14th 2012 Platform for Compliance ING Bank April 11th 2012 Platform Business Enabler Toyota Motors May 30th 2012 Register at: www.oracle.com/identity
  • 29. Identity Management at COLLABORATE 12 Deep Dive, User-Driven Sessions, and More Register at: http://w3.ioug.org/C12IM • April 22 – 26, Las Vegas • Sunday, Apr 22, 9 am – 3 pm Security and Compliance for your Oracle Systems • Multiple Security, Identity Management sessions (Keyword search: Identity Management)
  • 31. Q&A Enterprise Architect Mark Robison Principal Product Manager Neil Gandhi
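
The role-based attestation model from slides 12 and 13, together with the SoD check and closed-loop remediation mentioned on slides 16 and 17, sketched as an added example. It is not taken from the ING or Oracle material and uses no OIA or OIM API; every role, application and user name below is constructed for illustration.

```python
# Constructed sample data: all role, application and user names are illustrative.
# IT role -> application entitlements (what the IT Role Owner attests to).
IT_ROLES = {
    "base-access":    {("ActiveDirectory", "domain_user"), ("Exchange", "mailbox")},
    "claims-entry":   {("ClaimsApp", "create_claim"), ("ClaimsApp", "view_claim")},
    "claims-approve": {("ClaimsApp", "approve_claim"), ("ClaimsApp", "view_claim")},
}
# Business role -> IT roles (what the Business Role Owner attests to).
BUSINESS_ROLES = {
    "Contact Center Agent": {"base-access", "claims-entry"},
    "Claims Supervisor":    {"base-access", "claims-approve"},
}
# Entitlement pairs one person must not hold together (SoD policy).
SOD_RULES = [(("ClaimsApp", "create_claim"), ("ClaimsApp", "approve_claim"))]

# "actual" is what the application feeds report; bob kept create_claim after a transfer.
USERS = {
    "alice": {"manager": "dana", "role": "Contact Center Agent",
              "actual": {("ActiveDirectory", "domain_user"), ("Exchange", "mailbox"),
                         ("ClaimsApp", "create_claim"), ("ClaimsApp", "view_claim")}},
    "bob":   {"manager": "dana", "role": "Claims Supervisor",
              "actual": {("ActiveDirectory", "domain_user"), ("Exchange", "mailbox"),
                         ("ClaimsApp", "approve_claim"), ("ClaimsApp", "view_claim"),
                         ("ClaimsApp", "create_claim")}},
}

def expected_entitlements(business_role):
    """Entitlements a business role grants through its IT roles."""
    return set().union(*(IT_ROLES[r] for r in BUSINESS_ROLES[business_role]))

def resource_based_items(users):
    """Resource-based attestation: the manager reviews every user/entitlement pair."""
    return sum(len(u["actual"]) for u in users.values())

def role_based_items(users):
    """Role-based attestation: each reviewer attests only to the layer they own."""
    return {
        "manager": len(users),  # is each employee in the right business role?
        "business_role_owner": sum(len(v) for v in BUSINESS_ROLES.values()),
        "it_role_owner": sum(len(v) for v in IT_ROLES.values()),
    }

def out_of_role(users):
    """Entitlements held outside the business role: candidates for revocation."""
    findings = {}
    for name, u in users.items():
        extra = u["actual"] - expected_entitlements(u["role"])
        if extra:
            findings[name] = extra
    return findings

def sod_conflicts(users):
    """Users whose actual entitlements satisfy both sides of an SoD rule."""
    findings = {}
    for name, u in users.items():
        hits = [rule for rule in SOD_RULES if set(rule) <= u["actual"]]
        if hits:
            findings[name] = hits
    return findings

if __name__ == "__main__":
    print("resource-based items:", resource_based_items(USERS))
    print("role-based items:", role_based_items(USERS))
    print("out of role:", out_of_role(USERS))
    print("SoD conflicts:", sod_conflicts(USERS))
```

The manager's workload falls from one decision per entitlement to one per employee, and the role-owner counts stay fixed as headcount grows. The out-of-role and SoD findings are what a closed-loop process would hand to the provisioning engine for revocation.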