Security and Identity Management

Insights Library
- Integrating Microsoft Active Directory with the Oracle Internet Directory Webinar - In today's world of identity integration solutions, integration of Oracle Internet Directory and Microsoft Active Directory is key to many single sign on environments involving both Oracle and Non-Oracle technology. The purpose of this seminar is to go over the various scenarios and techniques used to integrate these to identity management environments to provide a single integrated log-in environment. The seminar will highlight the dip-assistant tool, the oracle administration tool, Active Directory profile mapping, and two techniques for windows native authentication.

Executive View

Top Level Objectives

The global and connected nature of business today has made companies more vulnerable to digital asset and identify theft, as sharing of information with business partners, employees, and third parties has increased opportunities for data loss, misuse and compromise. If these risks weren’t motivation enough, increasingly rigorous regulatory requirements are demanding that businesses implement stricter internal controls over sensitive data. Failure to comply with these regulations not only leaves your company at risk for security breaches - and the associated reputation damage and financial losses that can occur - but it can also result in severe financial penalties if your company is audited. Yet, even compliance provides only a minimum level of protection and is ultimately inadequate security for today’s myriad threats. By having a comprehensive security and identify management strategy in place, companies can establish an advantage over competitors and minimize their financial, IP and reputational risk. Just as importantly, having confidence in your security and identity management protection allows your company the freedom to push the envelope of its business.

Rolta TUSC provides services for security and identity management that provide compliance, automate processes, reduce operational and audit support costs and enable secure governed processes. Our services focus on first providing a safe, well controlled and automated IT environment to improve business performance. We then assist organizations in strategically and tactically addressing their governance, risk, and compliance requirements. If you need to more securely conduct business, feel there is misalignment between your IT security initiatives and business objectives or need to reduce compliance and support costs, Rolta TUSC is poised to help transform your business.

Solution - Innovation

Rolta TUSC provides a broad range of security and identity management services focused on helping companies securely enable their business, manage risk, automate manual processes, optimize IT efficiency in support of secure information exchange, and enable the business. Our services include:

Identity Lifecycle Management streamlines the process of managing all users and their access to applications, based on their roles within the business, throughout their lifecycle.
Security Information Management allows you to gain complete visibility into user and system activities. This solution collects all security logs in the enterprise and provides real-time notification of policy breaches and industry standard reports to satisfy regulatory compliance.
Data & Resource Protection reduces business risk, liability and insider threat by controlling access to information for all users, including privileged users. Protect your data from misuse by controlling how and where the data can be used.
Threat Management centralizes and standardizes your anti-virus, anti-spyware, and intrusion prevention across the enterprise.
Secure Web Business Enablement centrally secures access to your organization’s Web applications and services. Drive reduced cost and risk and accelerated innovation, while enhancing the user experience through improved navigation and personalization.

These services will be customized to your company’s individual needs, aligned with your business objectives and compliance requirements, and delivered in a phased, achievable approach using recent industry and technology advances.

Advantage - Insight

In addition to deep technical expertise, our consultants have real-world experience in helping companies integrate people, processes and technology to establish Department-of-Defense level security and identity management solutions. This deep technical expertise, real-world experience, knowledge of industry best practices and understanding of the IT support, operations and administration requirements of a secure environment enables us to become a trusted advisor for your business.

Benefit - Impact

All Rolta TUSC Security and Identify Management services focus on providing our customers with proactive and automated solutions to meet their complex IT security needs, surpassing the minimal compliance requirements and enabling gains in operational efficiency. As a global company, we are flexible in crafting and tailoring these solutions, allowing clients to achieve quick wins and incremental gains over time. We implement solutions based on a carefully constructed vision and roadmap and focus on establishing the necessary foundational services for IT to ultimately automate management of its security and identity management infrastructure. Finally, we provide mentoring, guidance and support, ensuring solutions and services are effectively transitioned to your IT staff for sustaining use.

Management View

Business Objectives

Companies can no longer manage security on an ad-hoc project basis. To reduce the risk of business disruptions, meet regulatory compliance objectives, adequately respond to complex security breaches, support audits and provide new enabling services to the business that are also secure, IT organizations must proactively manage risk and compliance with integrated security and identity management solutions.

Rolta TUSC provides comprehensive services to help IT organizations securely enable their business, manage risk, automate manual processes, and optimize IT efficiency in supporting secure information exchange. Our services include:

Identity Lifecycle Management streamlines the process of managing all users and their access to applications, based on their roles within the business, throughout their lifecycle.
Security Information Management allows you to gain complete visibility into user and system activities. This solution collects all security logs in the enterprise and provides real-time notification of policy breaches and industry standard reports to satisfy regulatory compliance.
Data & Resource Protection reduces business risk, liability and insider threat by controlling access to information for all users, including privileged users. Protect your data from misuse by controlling how and where the data can be used.
Threat Management centralizes and standardizes your anti-virus, anti-spyware, and intrusion prevention across the enterprise.
Secure Web Business Enablement centrally secures access to your organization’s Web applications and services. Drive reduced cost and risk and accelerated innovation, while enhancing the user experience through improved navigation and personalization.

Solution

Rolta TUSC experienced professionals work closely with IT organizations to identify risk areas and with executives to establish priorities for remediation. Using proven methodologies, deep industry experience and superior technical knowledge, we help organizations integrate a secure identity management solution that is tailored to meet the needs of the business; that is focused on business advantages, efficiencies and productivity gains; and delivered in a phased approach.

Approach

Detailed project planning at the beginning of an engagement brings clarity to the work effort and deliverables. Using Rolta TUSC’s project methodology, which spans planning, scope management, project governance, change management, communication, risk management and deployment strategy, we help ensure project success. Rolta TUSC leverages its award-winning knowledge repository to assist in an initial discovery phase assessment and roadmap planning effort. This effort:

Assesses current security capabilities, including threat management, compliance management, and reporting
Identifies existing processes and technologies in use
Identifies technology requirements and bridges for gap analysis
Identifies risks
Develops processes to evaluate and prioritize security intelligence information needed from internal and external sources
Identifies ongoing maintenance and administrative requirements of security standards
Identifies existing governance
Develops plans for aggregating security data from multiple sources into a central repository or source of truth
Forms an integrated approach
Collects business requirements
Collects information on security and identity controls
Determines appropriate controls and addresses incidents
Identifies business drivers and use cases for IT systems and profiles for secure information access enablement

This information is used to validate and prioritize requirements for the construction of a phased approach and an overall roadmap and plan. We distribute this roadmap to business and IT stakeholders for feedback, enabling further refinement to actionable plans. Next phase activities include providing:

Enhanced controls for security, and repairing or deploying technology components.
Administrative user mentoring and transition
Operational mentoring and transition
Planning and governance
As-built installation and configuration guides
Next phase plans and as-built impact assessment

Business Value

With a clear understanding of security and identity management goals, priorities, options, costs and resource requirements, you can obtain the sponsorship and resources you need to move forward with your efforts and dramatically reduce the risk of failure, theft, non-compliance, regulatory penalties and misuse of digital assets. The ultimate impact of an effective, aligned security and identity management system is what is not experienced. By ensuring that you don’t become a victim of security breaches, you empower business users and positively impact profitability and competitiveness.

Technical View

Technical Issues

Technical advancements and threats outpace nearly every organization’s ability to manage security and identities. The operational and administrative management costs of providing these services are only outweighed by the cost of not performing them, yet IT continues to feel the pressure to do more with less. With constrained resources, many IT organizations today are only performing minimalistic, compliance-mandated action items in response to failure, non-compliance and audit results. To provide true security, IT organizations must become proactive in the management and protection of their digital assets. They must create a roadmap and begin to execute against a well-devised, holistic plan to address security and identity management.

Solution Components

Rolta TUSC provides a comprehensive array of services focused on aligning IT and business needs and delivering an integrated system for security and identity management. Our diverse services can be customized and tailored for your business’ unique circumstances. Our services include the following and leverage advanced security and identity management offerings from CA and Oracle:

Security/Identity Workshops
Security/Identity Assessments
Security/Identity Roadmaps and Planning
Security/Identity Discovery, Risk, and Scoping
Security/Identity Multi-Vendor fit and Gap Analysis
Security/Identity Architectures
Security/Identity Health-Checks
Secure Information Encryption Services
Security/Identity Development and Integration Services
Security/Identity Testing Services
Security Penetration, Hi-Jack, and Hack attack Testing
Security/Identity Implementation Services
Security/Identity Hosting Services
Security/Identity Managed Services
End to End Security and Identity Implementation and Consulting
LDAP/Directory Services (Design, Virtualization, Consolidation, and Synchronized Integration)
Identity, Access Management and Role Management Services
Identity Provisioning and De-Provisioning automation
SSO and RSO services
Federation
Password Synchronization & Resets
Workflow automation
Legacy Connectors and Integration
Data Migration of Identity Information
Site Hosting and Monitoring
Off-Site Supplemental Support

Implementation

In conjunction with your IT organization, Rolta TUSC will devise a phased project plan, aligned with business requirements, that is both actionable and achievable. Priorities include IT operational and administrative efficiencies, achieving quick wins and providing improved security and identity management functionality.

How Does it Fit and Why is it Different?

Security and identity management is a core focus area for Rolta TUSC. Our experts are thought leaders with experience in the most demanding Department of Defense and commercial environments. Our consulting experts have extensive technical and operational backgrounds and craft solutions are not only holistic, but that are designed for ongoing sustainability and maximum business impact.