Security Readiness Assessment
Jackson Thomas
Senior Manager, Sales Consulting
Copyright 2015 Oracle and/or its affiliates. All rights reserved.

Cloud Era Requires Identity-Centric Security
IDENTITY at the center of:
- Cloud (SaaS, PaaS, IaaS)
- Internet of Things
- Social
- Mobile
- Big Data
Copyright 2016, Oracle and/or its affiliates. All rights reserved. Oracle Public

Unified Threat Intelligence
SIEM, UEBA, CASB
- Security: Firewall, IDS, IPS, WebProxy, VPN, AV, DLP, DAM, WAF, VA Scanners
- Host: Windows, Linux, Unix
- Applications: 3rd Party Apps, Oracle Apps, Custom Workloads
- IDM
- Cloud: SaaS, PaaS, IaaS
- Networking: Router, Switch, DHCP, DNS, Load Balancer
- Infrastructure: EMM, Middleware, Database, Web Server, Hypervisor

Database Security: Attack Vectors
Numerous attack vectors call for a layered, Defense-in-Depth security strategy
- SQL Attack
- Accidental Exposure
- DBA Permission Abuse
- Dev Team Snooping
- App User Snooping
- Archive Data
- Insider Threat
- APT or Malware Attack
- Data at Rest Attack
- Production Data
- Dev & Test Data
- Lost Disk or Tapes
- Exposed Keys
- Lost or Stolen Device

Security Readiness Assessment
Executive level, strategic engagement focused on aligning an organization's enterprise security architecture with business objectives
A successful engagement will:
- Document an organization's current security and compliance posture
- Identify existing key risks and challenges
- Outline a desired future state architecture
- Recommend actionable steps on a strategic roadmap for achieving the future state
- Show how the recommended initiatives can deliver business value

Security Readiness Assessment Focus Areas

User Lifecycle Management
- Identity Lifecycle Management
- Role & Relationship Management
- Access Request, Approval and Fulfillment
- Password Management
- Auditing and Reporting
- Attestation/Certification
- Privileged Account Management

Authentication and Authorization
- Authentication & SSO
- Risk-based Authentication and Authorization
- Fraud Detection
- Fine Grained Authorization
- Federation
- Social Sign-On
- Cloud and API Security

Identity Repositories
- Directories and databases containing Identity data
- Directory Virtualization
- Directory Synchronization
- Application Authentication
- Database Authentication
- Operating System Authentication

Cloud Services
- Public cloud services employed and planned (SaaS, PaaS, IaaS)
- Deployment options (Public, Private, Hybrid)
- IAM for Cloud services (provisioning, audit, authentication, authorization, federation)

Database Security
- Encryption
- Data Redaction
- Data Masking
- Access Discovery and Control
- Multi-Factor Authentication
- Data Classification
- SQL Injection Protection
- Audit and Compliance
- Centralized Authentication and Authorization

Operational Manageability
- (Optional area)
- Security Governance
- Configuration Controls
- Patch Management
- Diagnostics
- SLA Management
- Performance Tuning

Security Readiness Assessment Engagement Plan
1. Executive Invitation
2. Planning & Preparation
3. Onsite Discovery
4. Deliverable Preparation
5. Executive Presentation

SRA Customer Benefits
Objective: Elevate Security Posture
- Focus on most important risks and challenges
- Support proactive planning for the future
- Prioritize needed improvements to reach a desired future state
- Facilitate cooperation on security initiatives

What Investment is Required?
- Strong executive support
- Strong tactical leadership
- Time, attention and candid participation