Upload
indus-khaitan
View
53
Download
3
Embed Size (px)
Citation preview
Indus KhaitanSnr. Director, Oracle
Rajesh PakkathSnr. Product Manager, Oracle
Rakesh MeenaSnr. Architect, AurionPro
October 26, 2015
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Mobile Security in the Cloud
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
2
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Program Agenda
1
2
3
4
3
Enterprise Mobile Trends
Oracle Mobile Security Cloud Service
Mobile Security Use Cases
Q&A
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 4Copyright © 2015 Oracle and/or its affiliates. All rights reserved.
Mobile OS adding more in-built MDM/MAM features
MDM commoditized and approaching zero dollar value
4
MAMmore in-built tools and features for enterprise mobile security
LEVERAGE COMMON IDENTITY, AUTHENTICATION AND MANAGEMENT SERVICES ACROSS DEVICES AND PLATFORMS
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
The Enterprise App Explosion
Source: Portable and Web Apps Dominate in Our Mobile Model, Ensuring Maximum Device Flexibility
Gartner Presentation, The Current and Future State of Mobility, Van L Baker, Jason Wong, August 2015
NEED A CROSS PLATFORM RAPID APP DEVELOPMENT PLATFORM INTEGRATED WITH KEY MOBILE SECURITY FUNCTIONS
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Cloud Adoption on the Rise
Oracle Confidential – Internal/Restricted/Highly Restricted 6
NEED IDENTITY FEDERATION, HYBRID ACCESS TO CLOUD/ON-PREM AND COMMON POLICIES ACROSS CHANNELS
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
We are Living in a Breach Culture
Oracle Confidential – Internal/Restricted/Highly Restricted 7
NEED RISK/CONTEXT AWARE STRONG AUTHENTICATION ACROSS CHANNELS
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Vision of the Future
Oracle Confidential – Internal/Restricted/Highly Restricted 8
MOBILE DEVICE CAN BE THE ULTIMATE TOKENLESS AUTHENTICATOR
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Program Agenda
1
2
3
4
9
Enterprise Mobile Trends
Oracle Mobile Cloud Platform
Mobile Security Use Cases
Q&A
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Build & Deliver Mobile Apps with Seamless, Secure Access to Mission-Critical Data
Oracle Mobile Platform: Simplifies Enterprise Mobility
MANAGE
Custom Mobile Apps Packaged Mobile Apps Partner Built Mobile Apps
10Oracle Confidential – Highly Restricted
Mobile Cloud Service
DEVELOP INTEGRATEMobile Cloud Service
ANALYSEMobile Cloud Service Identity Cloud Service
SECURE
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Social Login
Single Sign-On
Reporting &Analytics
Oracle & 3rd PartyConnectors
ID Admin &Self Service
StrongAuthentication
Oracle Identity Cloud Services
Oracle Confidential – Internal/Restricted/Highly Restricted 11
Employees
Partners
Customers
Enables Access by Anyone, from Anywhere, on Any Device
Mobile Identity
Single sign on across mobile apps
Risk / context aware step up authentication
Self service and delegated administration
Certificate LCM
Mobile Application Management
App centric security policies
Inbuilt PIM apps
Zero code wrapping technology
App store for distribution
Secure apps built on MAF and MCS
Mobile Device Management
Device centric security policies
Device enrollment
Device control
Device inventory
Mobile Content Management
Secure container & app tunnel for securely accessing and storing corporate content
Strong DLP policies to avoid data leakage
File manager and doc editor / viewer for secure content collaboration
Multi-channel Application Security
Mobile SecurityCloud Service
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 12
Risk/context-aware Enterprise Mobility Management
Oracle Mobile Security Cloud Service
IDENTITY CLOUD SERVICEMOBILE SECURITY
Oracle Confidential – Highly Restricted
Multi-channel
On-prem Apps
Custom Apps
Oracle, 3rd party, custom MCS SaaS
OTP KBABiometrics
Out of bandRisk/context aware
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 13
Simplify App Development, Security & Integration
Oracle Mobile Cloud Service
MOBILE CLOUD SERVICE+
IDENTITY CLOUD SERVICE
Engagingfront-end experience
Enterprise grade backend with robust security controls
Systems of Record& Services
A set of Cloud-based mobile services designed to make app development & integration quick, secure & easy to deploy.
Oracle Confidential – Highly Restricted
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 14
Risk, context aware access
Mobile as another factor of authentication
Oracle Confidential – Highly Restricted
Biometrics based authentication for Secure Workspace
Knowledge based authentication using Identity Cloud Service
Time-based One-time Password using Oracle Mobile Authenticator
MOBILE DEVICES ARE THE NEW IDENTITY
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Pre-wrapped Oracle Apps
Oracle Confidential – Internal/Restricted/Highly Restricted 15
• Hundreds of Oracle on-prem and SaaS apps pre-wrapped with Mobile Security Services
• Security functions include:
– Hybrid SSO across on-prem and SaaS apps
– Data Encryption
– Device Integrity
– Data Leakage Prevention
– App distribution
– Workspace and device control
Easy uptake of Mobile Security Services
BICSEBS
JDE
Primavera
WCC
Seibel
DOCSTAP
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Program Agenda
1
2
3
4
16
Enterprise Mobile Trends
Oracle Mobile Cloud Platform
Mobile Security Use Cases
Q&A
Confidential. Copyright © 2015 Aurionpro Solutions. All rights reserved. 17
Aurionpro at a glance
Founded: 1997
IPO: 2005
Revenue 2013-14 : 120 Million USD
NA HQ: San Ramon, California
100+ Customers
33 Fortune 500 Customers
1,340+ Employees
18 Products serving 5 Industries
Solutions delivered in 22 Countries
Confidential. Copyright © 2015 Aurionpro Solutions. All rights reserved. 18
Leading Retail Pharmacy
• 300k customers, 6k employees, 50+ retail stores
• Store employees
– Business need: Easily interact with customers on the store floor instead of being behind POS
systems (Apple store like experience)
– The stores already has issued tablets to access some of this info from the device web browser but
lacks a seamless user experience – shared devices which requires each user to login to device level
VPN to access the data
– Provide a native mobile app that employees can login using their existing network credentials to
securely view customers purchase history, suggest and process targeted offers from these shared
and controlled tablets
• Customers
– Business need: Manage refills from mobile app with a view of historical transactions on their own
device
– Customer registrations keep increasing by the day and management is getting very complex
Secure in-store shopping experience
Confidential. Copyright © 2015 Aurionpro Solutions. All rights reserved. 19
Cloud based Mobility Management with minimum disruption to business
Store Employees (B2E) Customers (B2C)
• No re-registration of tablets – use existing MDM solution to lockdown and manage the device
• Allow active users to authenticate to the shared devices using existing network (AD) credentials
• No device level VPN or additional logins should be required
• Enable Kiosk mode - Replace device passcode with corporate credentials and restrict device usage to the Store mobile app only
• Encrypt any customer data accessed and downloaded on the device
• Move to a scalable cloud IDM solution to handle customer registrations, user management and access functions
• Customer transactions and refills should continue to be serviced by the on-prem Customer Information System
• Mobile app distributed via public app stores
• Encrypt any customer data accessed and downloaded on the device
Technical Requirements
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Identity Cloud Service
Mobile Security
MSCS
Access
Server
Oracle Access
Manager
Pharmacy
Information System
3rd party
MDM
Server
Active
Directory
Oracle Cloud
Customer on-prem env
Oracle Identity Cloud Service
Authenticate & Access with SSO (App Tunnel)
ID Bridge
Manage Device(Co-exist)
Get Mobile Security Policies
Logout
Store App(Kiosk Mode)
Store Employee Access
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Identity Cloud ServiceUser Management
Mobile Security
MSCS
Access
Server
Customer
Information System
Oracle Cloud
Customer on-prem env
Oracle Identity Cloud Service
Authenticate & Get Mobile Security Policies
Customer App
Customer Access
Public App Store(Wrapped Customer
app)
Active Directory
(Customer OU)
Oracle Access
Manager
Identity Cloud ServiceIdentity Management
AuthenticationMobile Security
Confidential. Copyright © 2015 Aurionpro Solutions. All rights reserved. 22
Leading Financial InstitutionLoan Sourcing - Anytime, Anywhere
• 5000+ on-the-field sales agents working from remote parts of the country
• Business need: Replace the current paper based micro-finance application
process with native mobile apps that could enable sales agents work from any
part of the country at any time. This would result in more business to the
company and help agents reach their sales targets more effectively.
• No app development expertise available in-house
• Agents want a quick and seamless user experience logging into and using
multiple mobile apps
• Need app usage analytics for licensing and ROI calculation
Confidential. Copyright © 2015 Aurionpro Solutions. All rights reserved. 23
Cloud based Mobility Development & Management solution
• Develop a native mobile app that connects to loan servicing application REST interfaces and includes a workflow of customer identity vetting provided by 3rd party SaaS provider
• Allow active users to user their own devices (BYOD) and authenticate to the app using existing network (AD) credentials
• Offline app access and sync to the backend Loan Servicing application is critical as remote locations may not have network connection
• Agent access from certain locations should require knowledge based strong authentication
• Agents need to connect to Oracle Document Cloud Service for any loan related files to be uploaded or viewed
• Agents need access to their corporate emails hosted on Office 365
• Application/LOB owners should be able to view app usage analytics
Technical Requirements
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Identity Cloud Service Mobile Security
Risk based Authn
Mobile Cloud ServiceDevelop, Workflow, Analytics
Document Cloud ServiceFile Collaboration
MSCS
Access
Server
Loan Servicing
System
Oracle Cloud Customer on-prem env
Oracle Identity Cloud Service + Mobile Cloud Service
Customer App
Scalable Mobile Backend and Security solution
Public App Store(O365, Pre-wrapped
Oracle DCS)
Active Directory
(IdP) (Hybrid inter-app
SSO, Offline access)
Identity Vetting SaaS
Office 365
3rd PartyCloud SaaS
SAML Auth
SAML/OAuth
SAML/OAuth
OAuth
OAuth
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
1. Identity management + Enterprise Mobility Management in one package
2. Support for risk/context-aware step up authentication and authorization
3. Hybrid SSO across on-prem, Oracle SaaS/PaaS, Oracle MCS and 3rd party SaaS providers
4. Pre-wrapped Oracle Apps on public app stores for easier mobility management uptake
Oracle Identity Cloud Service Summary
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 26
Classroom Training
Learning Subscription
Live Virtual Class
Training On Demand
Keep Learning with Oracle University
education.oracle.com
Cloud
Technology
Applications
Industries
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Session Surveys
Help us help you!!• The [Program Committee J1] [organizing committee OW] would like to
invite you to take a moment to give us your session feedback. Your feedback will help us to improve your conference.
• Please be sure to add your feedback for your attended sessions by using the Mobile Survey or in Schedule Builder.
27