Enterprise IAM: How Oracle is Modernizing IAM with Microservices
Highlights from Simeio’s July 29th “Ask Me Anything Coffee Talk Series”
Last Wednesday’s Coffee Talk was another interesting and informative session. The topic was “Enterprise IAM.” The session hosts were Eleanor Merritt, Senior Vice President IAM at Oracle, and Kamal Narayan, Director of Oracle IAM Product Management. Here are some of the session highlights.
What is a high-level overview of enterprise IAM?
Enterprise IAM has evolved from on-premises to identity management anywhere. This includes on-premises, in the cloud, and across multi-clouds. In Oracle’s case, our services deliver portable IAM solutions that can be deployed within any IT environment. We have container technologies and Kubernetes that take advantage of generic solutions to optimize the management experience. Enterprise IAM includes all the identity components, like access, multi-factor authentication, governance, etc. It provides the flexibility to run systems, however, and wherever, you want.
Enterprise IAM is not a one-size-fits-all solution, particularly for larger enterprises, with both legacy on-prem applications, and applications in the cloud. Large enterprises don’t want to be tied to one cloud provider, so they spread different applications across multiple clouds.
Identity is central to the application ecosystem that binds apps together. Yet, the perimeter is also changing identity for enterprises, particularly for auditors and CISOs dealing with compliance. It’s critical for ensuring who has access to what. At the same time, productivity for end-users should not be affected. Everyone needs the right level of access, no matter the location, while still maintaining compliance.
Whether a B2B or B2C environment, enterprises need to sort out their access and governance issues through a single deployment. They can’t afford to have only siloed deployments. The flexibility of having a single deployment, or a multiple deployment solution, should be a choice for the organization. Regardless, they need to have control over the policies and various managed nodes, based on risk. The key is to support a highly scalable solution, without disrupting business.
How is Oracle modernizing enterprise IAM, and what is your strategy going forward?
In the past, Oracle had been focused on providing a monolithic offering. But now we’re transforming the business into a more simplified solution, through micro-services. The idea is for customers to have their existing IAM portals within their physical environments while extending their capabilities with contextual risk management services to multiple clouds.
The strength of Oracle has always been a modular architecture. We are now leveraging the strength of our architecture and moving in such a way that the functionality can be externalized through micro-services. At the same time, there are use cases that warrant continuous, adaptive security. We are building intelligent and adaptive algorithms, using AI and machine learning.
In the past, Oracle provided the framework, and let customers build solutions with various tools. Now, we are enhancing the framework and providing ready-made solutions, so customers don’t need to build solutions from scratch and run them within multi-cloud environments. This also ensures DevOps is modernized to reduce the cost and risk, and to ensure the customer always has the latest version and newest features, through incremental and rapid releases.
Modernization is not only about the architecture and delivering changes fast. It also encompasses taking some of the tedious administrative work of lesser value, and streamlining those tasks with machine learning and AI. To me, modernization is enabling customers to focus on solving their own unique challenges, and we take care of anything we can address through our software.
Because everything moves so quickly in the software industry, our product architecture needs to be flexible. To that end, Oracle has an identity trial service that allows customers to run their access management and multi-factor authentication solutions. Another form of modernization is analyzing our user feedback to enhance software functions and improve the user experience.
How is Oracle IAM different from other IAM vendor products?
Oracle IAM is recognized as a compelling solution for big companies with large scale and specific business needs, built with high-availability. Our ability to configure and manage extremely complex use cases has been our strength.
IAM SaaS vendors are going after small and medium-size customers, that have less complexity. For example, when provisioning users, there are only so many rules you can have. But when a company has 50,000 or 100,000 users, there is much more that needs to be considered. That’s not to say Oracle isn’t interested in smaller companies. The work we are doing on our cloud service will enable us to attract those businesses, too.
We’ve also enabled greater customization and extendibility within our IAM solution. That’s where Simeio comes in, with great customization that meets our customer’s unique needs. For example, complex certification or authentication policies, or building custom connectors, while meeting compliance standards. We were the first IAM vendor that allowed modernizing access requests through chatbots. We provided the APIs, but our partners, like Simeio, are the ones productizing these solutions, making it easy for customers to leverage our solution. They extend our capabilities, by providing custom solutions, like chatbot-based access request, straight out-of-the-box.
Has the COVID-19 pandemic made any difference to Oracle IAM deployments?
At the beginning of the pandemic, state government institutions were overwhelmed with unemployment benefits requests. They needed to scale up quickly, and with some tweaking, we were able to help them scale rapidly.
We saw a massive increase in business in some areas, like government. But other areas, like retail, were not as active. However, now with social distancing, more retail is moving online, which brings exciting new opportunities and challenges for our IAM business. We’re also seeing new and unique challenges for students. For example, how are they going to take their SATs? How are schools going to guarantee the identity of students taking the exam? So, many new challenges need to be met, because of COVID-19.
Due to the pandemic, working from home is now commonplace. Because of this, many customers want to enable two-factor authentication for their non-VPN users. Our IAM makes it easy to make a simple change, to control users coming in from untrusted networks. Additionally, we had some customers that couldn’t upgrade and needed to remain on the same version for a longer period of time. We have extended our support for those customers beyond the September of 2020 deadline to December of 2021.
We’ve just touched upon some of the conversation. If you want to learn more, you can watch this and other on-demand Coffee Talk sessions at https://www.brighttalk.com/channel/17142.
We hope you can join our next Coffee Talk, where you can chat with IAM experts, ask questions, and gain insights into how you can lower operational costs and achieve greater security and privacy using IAM. Click here to sign-up.