Apr 13, 2017
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle Mobile Security Suite
Jernej Kaše Transformation Consultant Partner Transformation team Oracle ECEMEA A&C
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Safe Harbor Statement
The preceding is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
4
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
How about… mobile!
5
Research by 451 Research
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle Mobile Solution Continued Innovation
Mobile Application Framework Mobile Cloud Service Mobile Security
6
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
TO CLIENT DEVELOPMENT TOOLS
Oracle Mobile Cloud Service Mobile First meets API First
NEW SERVICES & API’S
BUSINESS IMPACT
PRE-BUILT MOBILE SERVICES
SECURITY
CONTINUOUS DELIVERY SDLC
7
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
OF DEVELOPMENT
Oracle Mobile Application Framework Mobile First meets API First
FOR COMPLEX BUSINESS LOGIC
IN MCS SUBSCRIPTION!
MOBILE DEVELOPMENT
FOR BEST USER EXPERIENCE
8
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
CORPORATE APPS AND DATA
Oracle Mobile Security Suite Mobile First meets API First
INTEGRATED
TO MOBILE DEVICES
SUPPORTS MOST APPS
9
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Mobile Security: New IT Challenges Secure Mobile Access to Enterprise Apps & Content
• Mobile Devices Pose New Threat Vector
• Emerging OS architectures limit traditional IT approaches
• IT Security risks for supporting BYOD
• Consumerization of IT is resetting user expectation
• Data Theft and Leakage from Mobile Devices
• Infrastructure siloes are increasing IT complexity
• Increased cost for remote access infrastructure for always-on devices
• Rapid app development is putting security in the back seat
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
80% 67% 89%
By 2015, mobile app development projects will
outnumber native PC projects by 4-to-1
Use tablets to work remotely
65% use to check email
Mobile devices already connect to corporate networks
Source: Forbes: Mobile Business Statistics For 2012
Mobile Usage in the Enterprise Driven by IT Consumerization
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Mobile Security Key Requirements for Mobile Security
• Extend corporate identity to mobile
• Separate personal and corporate data
• Pre-emptive threat mitigation
• Extend organizational security policies
• Preserve native app experience
• Enable IT control while maintaining user privacy
• Mobile device management
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle Mobile Security Secure Container/Workspace for App Security and Control
• Separate, protect and wipe corporate applications and data on mobile devices
• Strict policies to restrict users from
viewing/moving data out of container
• Consistent support across multiple
mobile platforms
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle Mobile Security
• Easily add new applications without requiring source code access or detailed coding
• Decouple security deployment & app development
• Injection-based approach. No SDK.
• Single sign-on and Data Leakage Prevention
Secure Container/Workspace for App Security and Control
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle Mobile Security
• Secure communication with enterprise application servers
• Eliminate VPN requirements, reducing costs and risks
• Provide context-driven, risk-aware access to enterprise apps
• Enterprise app store/catalog
• Device enrollment and provisioning
• Prevent rogue apps, access to internal network only for white-listed apps
Secure Access, Device and App Management
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle Mobile Security Secure Access, Device and App Management
• Consistent User Sign-on and Entitlements between desktop and mobile platforms
• Common users, roles, policies, access request, cert etc.
• SSO and authorization for native and browser apps
• Risk/policy based step up and strong authentication
• RESTful Identity Services
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Securing External Mobile Applications Accelerate deployment of Consumer Facing Applications
• Protect user data with API security for Internet facing mobile applications
• Enable consistent user experience across platforms with mobile access management
• Secure mobile app development by externalizing security requirements
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Comprehensive Mobile Security Address BYOD and COPE use cases
• Device Level Security (New) – Device enrollment, administration and provisioning of
apps
– Device level policy enforcement
• MAM Support for shared devices (New)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Device Management Features Secure corporate owned devices
Enrollment
– Self service device registration
– Automated configuration of profiles, settings and certificates
– Device registration authentication using OAM or Active Directory (same SSO credentials)
Enforce Device restrictions
– Enrollment – detect and enforce at enrollment
– Provisioning – provision role based apps
– Compliance – detect and remediate
– Dynamic policy enforcement
Device Actions
– Remote selective wipe, remote device lock/unlock/full wipe, reset device passcode
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
• App Management and distribution
– Whitelist/Blacklist apps
– Onboard, provision and uninstall apps
– Single App Catalog (within Secure Workspace app) to limit selection and distribute
containerized and non-containerized corporate apps
– VPP Licensing Integration - coming in 12c
• Monitoring
– Setup message alerts, email for specific device functions/violations
– SMS - coming in 12c
– Data rich device and app inventory can be used to create custom reports using BI Publisher
Device Management Features Secure corporate owned devices
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
OMSS 11gR2 PS3 Deployment Architecture
2 Deployment Models
– OAM Integrated
oMSM administration using OAM Admin console
oMSM end user self service console
– OIG Integrated
oMSM administration and self service using OIG self service and admin
consoles
2 Modes
– MAM only. Can co-exist with other MDM solutions.
– MAM + MDM. Possibly replace existing MDM solutions.
IdM
Mobile
Security
Suite
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
OIM Self Service Console Integration
• Unified console for Admins and End users
• View Devices, Workspaces and Apps from Self Service Console
• Manage devices/workspace actions for self or others
• Define Mobile Apps, Policies and associate to OIM Roles
• Leverage role request to get mobile enabled
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Shared Devices
Multiple employees logon to a single workspace on the same
shared device
– Nurses station
– Retail outlet
– Manufacturing floor
Wipe at each logout (data does not persist)
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
MAF Features
Leverage OMSS for apps developed using MAF
– Data Leakage Protection policies
– Ability to Lock/Wipe data stored in the device
– Ability to leverage device restrictions
– Secure Storage – DB and file system
Option to turn-off MAF native encryption for developers
– Secure Networking (In App VPN) support
– SSO between Mobile apps
– Enterprise Appstore provisioning support
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Demo Andy Smith Snr. Director of Product Management
26
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Q&A Oracle IMC blog: http://blogs.oracle.com/imc
Oracle ECEMEA Partner Hub Homepage: http://oracle.com/goto/hub-ecemea
Oracle IMC Mail: [email protected]
Twitter: http://twitter.com/oracleimc
Facebook: http://facebook.com/oracleimc
LinkedIn: http://linkedin.com/groups/OracleIMC-4535240
Google+: http://plus.google.com/+OracleIMC