Od webcast-cloud-fraud final
-
Upload
oracleidm -
Category
Technology
-
view
2.026 -
download
0
description
Transcript of Od webcast-cloud-fraud final
<Insert Picture Here>
Key Fraud and Security Considerations for Confidence in the Cloud January 17th 2012
2 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
Cloud Security Executive Speaker Panel
Ben Trowbridge CEO
Cloud Sourcing and Benchmarking Advisor
GAIL COURY VP Risk Management
Marc Boroditsky VP I.D. Mgmt. Solutions
2
3 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
Cloud Security Can be a Challenge. But Why?
Can Our Data Be Safe and Secure in the Cloud?
3
4 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
Top Cloud Security Concerns*
4.
3.
2.
On going compliance concerns
Co-mingling of customers’ data
Access control and I.D. Mgmt.
1. Data access from mobile devices
5. Security standards and certifications *CSO Online Article Feb 20, 2011
Co. A Data
Co. B Data
Co. C Data
Top 4: Identity Mgmt.
Related
4
5 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
Evaluating Your Cloud Provider’s Security
• Where does security fit within your overall cloud sourcing methodology?
• Best practices when evaluating a cloud provider’s security
• Cloud security pitfalls to avoid
Best Practices Cloud Sourcing Methodology
?
Cloud Provider Security
Cloud Sourcing Methodology
Security ?
5
Identity Restores Control and Reduces Risk
1990 1995 2000 2005 2008
LOW
MED-LOW
HIGH
MED-HIGH
CONTROL HIGH LOW
RIS
K
Enterprise
Private In House Cloud
Private Hosted Cloud
Public Cloud
87% Security main barrier to cloud adoption Source: IDC Enterprise Panel, 3Q09
6 Copyright © 2011, Oracle and/or its affiliates. All rights reserved. 6
Identity Bridges the Gap
Identity
Administration
Audit
Risk Management
AuthN and AuthZ
Adaptive Access • Context / Risk Aware • Anomaly detection • Access certification
Administration • Role Mgmt • Provisioning • Identity Analytics • Certification
Access • Single-sign on • Password policy • Authorization policy
Scalable Repository • Identity Synch • Identity Virtualization • Reporting
Tools Point Solutions Platform Intelligence
7 Copyright © 2011, Oracle and/or its affiliates. All rights reserved. 7
8 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
Case Study
Multi-Factor Authentication • What you have – your computing device • What you know – password • What you are – knowledge questions
Anti-Fraud Features • Personalized image, phrase, timestamp • Device fingerprint & Virtualized keyboard • Adaptive rules (device, location, time…)
PeopleSoft | Internet-Facing Employee Self-Service Easy for Users | Hosted and Managed by Oracle Cloud Services
Oracle IDM & Authentication Cloud Service
8
9 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
Case Study
Dashboard for: • Logins • Failed Logins • KBA Challenges • Blocked Logins • Alerts • Drilldown • and much more
Oracle IDM & Authentication Cloud Service
9
10 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
Cloud Security Executive Speaker Panel
Ben Trowbridge, CEO
Cloud Sourcing and Benchmarking
Advisor
Gail Coury, VP Risk Mgmt.
Marc Boroditsky, VP ID Mgmt.
10