Sun2 oracle avea's identity management platform transformation
- 1. Sun2Oracle: Avea’s Identity Management Platform Transformation Darin Pendergraft, Oracle IDM Ulvi Bucak, Avea Mahmut Kucuk, Avea
- 2. This document is for informational purposes. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described in this document remains at the sole discretion of Oracle. This document in any form, software or printed matter, contains proprietary information that is the exclusive property of Oracle. This document and information contained herein may not be disclosed, copied, reproduced or distributed to anyone outside Oracle without prior written consent of Oracle. This document is not part of your license agreement nor can it be incorporated into any contractual agreement with Oracle or its subsidiaries or affiliates. 2 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 3. Speakers Darin Pendergraft Ulvi Bucak Mahmut Küçük Sr. Director, Product Security Operations Security Planning Marketing and Planning Manager Supervisor 3 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 4. Agenda IDM Drivers Barriers to Adoption Avea Case Study Platform Benefits Resources Q&A 4 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 5. What is driving your IDM strategy? Mobile Application Security Regulatory Compliance Self Service Enterprise Social Identity Integration Cloud Services 5 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 6. Barriers to Adoption Need to leverage existing IDM investments Uncertain funding Lack of in-house resources Scalability concerns Architectural complexity Service outage 6 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 7. AVEA Identity & Access Management Project
- 8. • About Avea • Business & Technical Requirements • What is the scope ? • Challenges • Lessons Learned
- 9. About Avea • Avea, the sole GSM 1800 mobile operator of Turkey, was founded in 2004. • Member of Turk Telekom Group. • 12.8 million customers as of the first quarter of 2012. • Offering services to 98% of Turkey's population through its next generation network.
- 10. Business & Technical Requirements • Replace Sun IDM with OIM. • Implement Role Based Access Control (RBAC) for entire Avea organization. • Enhanced Self Service Workflows. • Improve Provisioning Performance. • Improve Security of Self Service Password Reset. • Review process for user entitlements periodically. • Enable new platform to scale . (Project Ph2 is on the way for dealers) • Build accurate and customized reports.
- 11. Challenges • Business Roles are not defined (OIA) • Request & Approval processes are not defined. • User Interface customizations on 11g R1 is not easy. • Outsourced testing team. • Migration from existing Sun IDM.
- 12. What’s in scope? • 6300 identites (employees & outsoures) • 16 Enterprise Systems and Applications Integration (SAP, MS AD,Exchange,Siebel CRM, Unix Systems, etc.) • ~150 of Roles and Access policies are defined • 23 Request& approval workflow processes • Attestation & SOD
- 13. Avea IDM System Overview
- 14. Completed tasks .. • SAP HR User and Organization reconciliation with RFCs. – Hire,Update,Transfer,Fire,Transfer to Sister Company to User – Create,Update,Delete,Disable Organization – Resolve missing records and synch issues. – Create groups for CC (OrgId+Title+Location) • New Outsource Management Application is developed on SAPHR. – To improve data quality
- 15. Completed tasks .. • SMS and IVR voice recognition based Password Reset. • User entitlement structure is changed for Avea subscription system. • HR has role management responsibility. • Organizational Change Process has been rebuilt. • Online end user training.
- 16. UI Customizations • CC Role Management UI &Workflows – Create New Access Policy (with template option) – Assign Resource to AP – Assign AP to Groups – Assign User (Temporarily) to a Group – ... • NonCC UI and Workflows – Manage Entitlements (needs Admin approval) – Request Resource for User • Single or Multi Privileges – Request Group for User – Password Reset for IT Helpdesk – ...
- 17. Lessons Learned • Product and Partner. • You need role mining (OIA) to define business roles and policies. • Business sponsors. • Tests must be performed onsite. • Sun migration was not just an upgrade.
- 18. Assess the Business Opportunity Security Efficiency Scale 3X Compliance User Productivity New Customers Internal Governance Operational Cost Quality of Service Security Risk Opportunity Cost 18 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 19. Oracle Identity Management 11gR2 Simplified Experience Modernized Platform Cloud, Mobile and Social Extreme Scale Faster Lower Clear Upgrade Path Deployment TCO 19 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 20. Oracle Identity Platform Identity Lifecycle Management & 360 visibility Governance Regular & Privileged identities Access Complete access control Detection Fraud & SSO Management Converged Policy Administration & Control Directory LDAP, VirtualizationFraud Detection & Meta-directory Services Unified Administration & Management 20 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 21. The Platform Approach makes sense TAKING A 48% Cost Savings REDUCES 46% More Responsive INCREASES IMPROVES 35% Fewer Audit Deficiencies Source: Aberdeen “Analyzing point solutions vs. platform” 2011 21 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 22. Resources Blogs.oracle.com/OracleIDM Facebook.com/OracleIDM Twitter@OracleIDM 22 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 23. 23 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 24. 24 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 25. 25 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.