Oracle has announced expanded capabilities for Oracle Identity Manager to help enterprises significantly improve compliance and reduce potential for fraud. The enhancements to Oracle Identity Manager, Oracle's user provisioning and identity administration solution, allow enterprises to enforce more granular segregation of duties (SoD) in enterprise applications, including the Oracle E-Business Suite, Oracle's PeopleSoft Enterprise and SAP ERP applications.
"SoD policy enforcement is a critical component of user provisioning, but without support for heterogeneous IT environments it can become a cumbersome, costly and error-prone process," states Amit Jasuja, vice president, Oracle Identity Management. "With the enhancements to Oracle Identity Manager, we believe we have greatly simplified the process. By automating and integrating SoD policy enforcement with disparate IT systems and applications, Oracle is furthering its commitment to help customers reduce security risks, comply with industry regulations and lower cost of ownership."
Oracle Identity Manager includes a new SoD integration architecture that provides complete, hot-pluggable support for leading SoD engines including Oracle Applications Access Controls Governor and SAP Business Objects Access Controls. Real-time monitoring and enforcement of SoD policies enables enterprises to significantly reduce security risk from fraudulent activities, comply with regulations such as Sarbanes-Oxley and reduce total cost of ownership (TCO).
With the enhanced capabilities of Oracle Identity Manager, SoD policy enforcement becomes an integral part of the provisioning and account request approval processes, enabling enterprises to reduce security risks from error-prone manual provisioning and apply consistent access policies across all applications and systems; leverage domain expertise, validation policies, workflows and comprehensive SoD libraries within SoD engines to lower TCO, and enforce preventive controls; as well as maintain a complete audit trail, including SoD conflicts, across multiple applications and IT systems.
Oracle is also shipping the new Oracle Identity Manager connector for SAP that is integrated with the enterprise process for user and role administration. With it, SoD conflict check is always performed, whether the privilege was requested directly or indirectly through a role and can be configured to be done before or after any approval workflows; and an SoD conflict is always recorded in the identity management audit trail and can result in new exception workflow for special approvals.
Additionally, Oracle is now shipping the new Oracle Identity Manager Connector for the Oracle E-Business Suite that comes pre-configured with Oracle Applications Access Controls Governor, providing real-time SoD validations for granular, responsibility level user provisioning in the Oracle E-Business Suite applications; and makes Oracle Identity Manager the central source of identity management data across all user directories and Oracle EBS user stores eliminating the need for point-to-point integrations.
For more on Oracle Identity Manager, go here.