Sun2 oracle avea's identity management platform transformation

Sun2Oracle: Avea’s Identity Management Platform Transformation

Darin Pendergraft, Oracle IDM

Ulvi Bucak, Avea

Mahmut Kucuk, Avea

Copyright © 2012, Oracle and/or its affiliates. All rights reserved. 2

This document is for informational purposes. It is not a commitment to deliver any material,

code, or functionality, and should not be relied upon in making purchasing decisions. The

development, release, and timing of any features or functionality described in this document

remains at the sole discretion of Oracle. This document in any form, software or printed

matter, contains proprietary information that is the exclusive property of Oracle. This

document and information contained herein may not be disclosed, copied, reproduced or

distributed to anyone outside Oracle without prior written consent of Oracle. This document

is not part of your license agreement nor can it be incorporated into any contractual

agreement with Oracle or its subsidiaries or affiliates.


Sr. Director, Product Marketing

Darin Pendergraft

Security Planning Supervisor

Mahmut Küçük

Security Operations and Planning Manager

Ulvi Bucak

Speakers


IDM Drivers

Barriers to Adoption

Avea Case Study

Platform Benefits

Resources

Q&A

Agenda


What is driving your IDM strategy?

Mobile Application Security

Social Identity Integration

Cloud Services

Self Service Enterprise

Regulatory Compliance


Need to leverage existing IDM investments

Uncertain funding

Lack of in-house resources

Scalability concerns

Architectural complexity

Service outage

Barriers to Adoption

AVEA Identity & Access Management

Project

• About Avea

• Business & Technical Requirements

• What is the scope ?

• Challenges

• Lessons Learned

• Avea, the sole GSM 1800 mobile operator of Turkey, was founded in 2004.

• Member of Turk Telekom Group.

• 12.8 million customers as of the first quarter of 2012.

• Offering services to 98% of Turkey's population through its next generation network.

About Avea

• Replace Sun IDM with OIM.

• Implement Role Based Access Control (RBAC) for entire Avea organization.

• Enhanced Self Service Workflows.

• Improve Provisioning Performance.

• Improve Security of Self Service Password Reset.

• Review process for user entitlements periodically.

• Enable new platform to scale . (Project Ph2 is on the way for dealers)

• Build accurate and customized reports.

Business & Technical Requirements

• Business Roles are not defined (OIA)

• Request & Approval processes are not defined.

• User Interface customizations on 11g R1 is not easy.

• Outsourced testing team.

• Migration from existing Sun IDM.

Challenges

• 6300 identites (employees & outsoures)

• 16 Enterprise Systems and Applications Integration (SAP, MS AD,Exchange,Siebel CRM, Unix Systems, etc.)

• ~150 of Roles and Access policies are defined

• 23 Request& approval workflow processes

• Attestation & SOD

What’s in scope?

Avea IDM System Overview

• SAP HR User and Organization reconciliation with RFCs. – Hire,Update,Transfer,Fire,Transfer to Sister Company to User – Create,Update,Delete,Disable Organization – Resolve missing records and synch issues. – Create groups for CC (OrgId+Title+Location)

• New Outsource Management Application is developed

on SAPHR. – To improve data quality

Completed tasks ..

• SMS and IVR voice recognition based Password Reset.

• User entitlement structure is changed for Avea subscription system.

• HR has role management responsibility.

• Organizational Change Process has been rebuilt.

• Online end user training.

Completed tasks ..

• CC Role Management UI &Workflows – Create New Access Policy (with template option)

– Assign Resource to AP

– Assign AP to Groups

– Assign User (Temporarily) to a Group

– ...

• NonCC UI and Workflows – Manage Entitlements (needs Admin approval)

– Request Resource for User

• Single or Multi Privileges

– Request Group for User

– Password Reset for IT Helpdesk

– ...

UI Customizations

• Product and Partner.

• You need role mining (OIA) to define business roles and policies.

• Business sponsors.

• Tests must be performed onsite.

• Sun migration was not just an upgrade.

Lessons Learned


3X

Scale Efficiency Security

User Productivity

Operational Cost

Opportunity Cost

New Customers

Quality of Service

Compliance

Internal Governance

Security Risk

Assess the Business Opportunity


Oracle Identity Management 11gR2

Simplified Experience

Cloud, Mobile and Social

Extreme Scale

Clear Upgrade Path

Faster

Deployment

Lower

TCO

Modernized Platform


Fraud Detection

Identity

Governance

Fraud Detection Access

Management

Directory

Services

Lifecycle Management & 360 visibility

Regular & Privileged identities

Complete access control & SSO

Converged Policy Administration & Control

LDAP, Virtualization & Meta-directory

Unified Administration & Management

Oracle Identity Platform


46% Cost Savings

Source: Aberdeen “Analyzing point solutions vs. platform” 2011

48% More Responsive

35% Fewer Audit Deficiencies

TAKING A

REDUCES

INCREASES

IMPROVES

The Platform Approach makes sense


Resources

Blogs.oracle.com/OracleIDM

Facebook.com/OracleIDM

Twitter@OracleIDM

Sun2 oracle avea's identity management platform transformation

Documents

Transcript of Sun2 oracle avea's identity management platform transformation