Oracle Expands Identity Management Platform to Protect the Extended Enterprise

Oracle has introduced enhancements to Oracle Identity Management 11g Release 2 that are aimed at helping organizations extend access policies and controls beyond enterprise applications and systems to cloud-based systems and mobile devices. According to Oracle, as organizations increasingly adopt cloud and mobile applications, user identities are proliferating and becoming unmanageable and making it difficult for businesses to embrace new opportunities while keeping their corporate user information and data secure.

With the latest updates to the Oracle Identity Management platform, IDM 11gR2 PS (Patch Set) 2, Oracle is helping provide organizations with features to further secure enterprise, cloud and mobile applications. Dubbed the Extended Enterprise, this includes employees, customers, contractors, partners and their respective devices and applications that reside within the enterprise or in public or private clouds. PS2 also contains improved OAuth support, strong authentication features, new Privileged Account management features, as well as customizations and user interface improvements.

The IDM 11gR2 PS2 release has 3 major themes: cloud, mobile and simplification. “For Oracle, the strategy has been the same for the last 8 or 9 years or more: It is about providing a complete solution which is integrated and open,” said Amit Jasuja, SVP, Product Development, Java, Mobile Security and Identity Management at Oracle, during the recent product launch webcast. “With Patch Set 2, there are a lot of innovative new technologies being delivered for enterprise simplification, for support for mobile environments as well as how you extend out into using cloud more efficiently.”

Oracle offers 6 key new features and functionality in the latest Identity Management 11g R2 release:

  1. The  Oracle Mobile Security Suite, which secures corporate applications and data on personal devices used for work purposes (BYOD) and delivers a consistent user experience across channels by extending identity services, such as fraud detection, user registration, access request, self-service password management and authorization management, to customer and employee digital interactions.
  2. The Cloud Access Portal, which extends the range of eSSO (Oracle Enterprise Single Sign On) beyond Windows desktops and enables users to have single sign-on access to SaaS applications available on any device, tablet or workstation including applications that require a username and password..
  3. Oracle Mobile Authenticator which provides a mobile application to simplify strong authentication for iOS and Android, replacing corporate-issued hardware tokens.
  4. Expanded Support for OAuth to support 2- and 3-legged OAuth as well as more complex use cases of obtaining consent of a user before a third party consumer application can access information on a service provider’s application site.
  5. Content Management Security, which provides granular access control to documents managed by Oracle WebCenter Suite and Microsoft SharePoint, using a policy-based model, in order to simplify and secure management of unstructured data by leveraging attributes such as role, location and clearance level.
  6. New session management and recording capabilities for privileged users to allow auditors to know “who did what” and provide forensics in case of a data breach.