RealTime IT News

Can Oracle's Identity Manager Tackle Compliance?

Oracle on Wednesday announced the release of the latest version of its Identity Manager software, a key security and access management component of its Fusion middleware platform.

Oracle Identity Manager is a user provisioning and administration application that allows companies to automate the process of adding, updating and removing user accounts from applications and directories.

Managing and documenting who has access to customer data remains a significant challenge for companies scrambling to meet regulatory mandates such as Sarbanes-Oxley, FFIEC and PCI.

Oracle claims Identity Manager improves regulatory compliance by providing granular reports that attest to who has access to specific data, resources and information.

"The new release of Oracle Identity Manager further delivers on our commitment to provide customers provisioning software that helps them more efficiently meet compliance requirements while improving security and the overall user experience," Hasan Rizvi, vice president of Identity Management and Security Products at Oracle, said in a release.

"With this release, organizations can more rapidly experience the benefits identity provisioning delivers across their diverse IT environments," he added.

Identity Manager includes additional attestation support to automate the ongoing certification of access privileges and 19 new compliance and operational report templates for streamlining the audit process.

It also includes a Web-based workflow designer to simplify the creation and maintenance of provisioning and approval workflows.

In July, Oracle acquired Bharosa, a provider of multi-factor authentication and fraud detection software, to round out its identity access management (IAM) portfolio and augment this latest version of Identity Manager.

According to Forrester Research, the identity access management software market will surge to more than $12.3 billion by 2014.

Bharosa's Tracker application verifies several factors to confirm identity, including the PC and mobile device used to log-in, as well as a user's location and behavioral profiles to score risk and alert organizations to potential fraud.

This multi-factor authentication, now incorporated in Identity Manager, can be applied without requiring any change to the user experience.