Mobile Security in

the Cloud
Indus Khaitan
Snr. Director, Oracle
Rajesh Pakkath
Snr. Product Manager, Oracle
Rakesh Meena
Snr. Architect, Aurionpro
October 26, 2015
Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

Safe Harbor Statement

The following is intended to outline our general product direction. It is
intended for information purposes only, and may not be incorporated
into any contract. It is not a commitment to deliver any material, code,
or functionality, and should not be relied upon in making purchasing
decisions. The development, release, and timing of any features or
functionality described for Oracles products remains at the sole
discretion of Oracle.

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

Program Agenda
1

Enterprise Mobile Trends

Oracle Mobile Security Cloud Service

Mobile Security Use Cases

Q&A

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

Mobile OS adding more in-built MDM/MAM

features

LEVERAGE COMMON IDENTITY, AUTHENTICATION

AND MANAGEMENT SERVICES ACROSS DEVICES
AND PLATFORMS

MDM

commoditized and
approaching zero dollar
value

MAM

more in-built tools and

features for enterprise
mobile security
2015
Oracleits
and/or
its affiliates.
Allreserved.
rights reserved.
Copyright Copyright
2015, Oracle
and/or
affiliates.
All rights
|

The Enterprise App Explosion

NEED A CROSS PLATFORM RAPID APP

DEVELOPMENT PLATFORM INTEGRATED WITH KEY
MOBILE SECURITY FUNCTIONS
Source: Portable and Web Apps Dominate in Our Mobile Model, Ensuring Maximum Device Flexibility
Gartner Presentation, The Current and Future State of Mobility, Van L Baker,
Jason Wong, August 2015
Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

Cloud Adoption on the Rise

NEED IDENTITY FEDERATION, HYBRID ACCESS TO

CLOUD/ON-PREM AND COMMON POLICIES ACROSS
CHANNELS

Oracle Confidential Internal/Restricted/Highly

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |
Restricted

We are Living in a Breach Culture

NEED RISK/CONTEXT AWARE STRONG

AUTHENTICATION ACROSS CHANNELS

Oracle Confidential Internal/Restricted/Highly

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |
Restricted

Vision of the Future Forrester Research

MOBILE DEVICE CAN BE THE ULTIMATE TOKENLESS

AUTHENTICATOR

Oracle Confidential Internal/Restricted/Highly

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |
Restricted

Program Agenda
1

Enterprise Mobile Trends

Oracle Mobile Cloud Platform

Mobile Security Use Cases

Q&A

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

10

Oracle Mobile Platform: Simplifies Enterprise

Mobility
Build & Deliver Mobile Apps with Seamless, Secure Access to
Mission-Critical
Data Packaged Mobile Apps
Custom
Mobile Apps
Partner Built Mobile Apps

DEVELOP

INTEGRATE

Mobile Cloud
Service

Mobile Cloud
Service

SECURE

ANALYSE
Mobile Cloud
Service

Mobile Security Cloud

Service

MANAGE
Copyright 2015, Oracle and/or its affiliates. All rights reserved.
Oracle
|
Confidential Highly Restricted

11

Oracle Identity Cloud Services

Multi-channel Application Security
Mobile Device
Management
Device centric security policies
Device enrollment
Device control
Device inventory

ID Admin &
Self Service

Social Login

Single Sign-On Mobile Security

Cloud Service

Mobile Content
Management

Oracle & 3rd Party

Connectors

Strong
Authentication

Reporting &
Analytics

Mobile Application
Management
App centric security policies
Inbuilt PIM apps
Zero code wrapping technology
Partners
App store for distribution
Secure apps built on MAF and MCS

Employee
s
Mobile Customer
s
Identity

Single sign on across mobile apps

Risk / context aware step up
authentication
Self service and delegated
administration
Certificate LCM

Secure container & app tunnel for

securely accessing and storing
corporate content
Strong DLP policies to avoid data
leakage
File manager and doc editor / viewer for
secure content collaboration

Enables Secure Access by Anyone, from Anywhere, on

Any Device
Oracle Confidential Internal/Restricted/Highly
Copyright 2015, Oracle and/or its affiliates. All rights reserved. |
Restricted

12

Oracle Mobile Security Cloud Service

Risk/context-aware Enterprise Mobility Management

Custom Apps

Multichannel

IDENTITY CLOUD SERVICE

MOBILE SECURITY

Out of band
Risk/context
aware
OTP
KBA
Biometrics

Oracle, 3rd
party, custom
MCS SaaS

On-prem Apps

Copyright 2015, Oracle and/or its affiliates. All rights reserved.

Oracle
|
Confidential Highly Restricted

13

Mobile as another factor of authentication

Risk, context aware access
Time-based One-time
Password using Oracle
Mobile Authenticator
Knowledge based
authentication using
Identity Cloud Service
Biometrics based
authentication for Secure
Workspace

OBILE DEVICES ARE THE NEW IDENTITY

Copyright 2015, Oracle and/or its affiliates. All rights reserved.
Oracle
|
Confidential Highly Restricted

14

Pre-wrapped Oracle Apps

Easy uptake of Mobile Security Services

WCC
BICS

EBS

Hundreds of Oracle on-prem and SaaS

apps pre-wrapped with Mobile
Security Services
Security functions include:

TAP

DOCS

Hybrid SSO across on-prem and SaaS

apps
Data Encryption
Device Integrity

Seibel

Primavera
JDE

Data Leakage Prevention

App distribution
Workspace and device control

Oracle Confidential Internal/Restricted/Highly

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |
Restricted

15

Program Agenda
1

Enterprise Mobile Trends

Oracle Mobile Cloud Platform

Mobile Security Use Cases

Q&A

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

16

Oracle Platinum Partner

Revenue 2013-14 : 120 Million USD

Aurionpro
at a glance

NA HQ: San Ramon, California

100+ Customers
33 Fortune 500 Customers
1,340+ Employees
18 Products serving 5 Industries
Solutions delivered in 22 Countries

Confidential. Copyright 2015 Aurionpro Solutions. All rights reserved.

17

Retail Pharmacy Business Requirements

Secure in-store shopping experience
300k customers, 6k employees, 50+ retail stores
Store Employees

Business need: Easily interact with customers on the store floor instead of being behind POS
systems (Apple store like experience)
The stores already has issued tablets to access some of this info from the device web browser but
lacks a seamless user experience shared devices which requires each user to login to device level
VPN to access the data
Provide a native mobile app that employees can login using their existing network credentials to
securely view customers purchase history, suggest and process targeted offers from these shared
and controlled tablets

Store Customers

Business need: Manage refills from mobile app with a view of historical transactions on their own
device
Customer registrations keep increasing by the day and management is getting very complex
Confidential. Copyright 2015 Aurionpro Solutions. All rights reserved.

18

Retail Pharmacy - Technical Requirements

Cloud based Mobility Management with minimum disruption to business

Store Employees (B2E)

Store Customers
(B2C)
Move to a scalable
cloud IDM solution to

No re-registration of tablets use

existing MDM solution to lockdown and
manage the device

Allow active users to authenticate to the

shared devices using existing network
(AD) credentials

Customer transactions and refills should

continue to be serviced by the on-prem
Customer Information System

Restrict access to the app after store

hours

Mobile app distributed via public app

stores

No device level VPN or additional logins

should be required

Encrypt any customer data accessed

and downloaded on the device

Enable Kiosk mode - Replace device

passcode with corporate credentials and
restrict device usage to the Store mobile
app only

handle customer registrations, user

management and access functions

Confidential. Copyright 2015 Aurionpro Solutions. All rights reserved.

19

Oracle Identity Cloud Service

Store Employee Access
Oracle Cloud

Logout

Store App
(Kiosk Mode)

Get Mobile
Security Policies

Identity
Cloud
Service
Mobile
Security

Authenticate & Access with SSO

(App Tunnel)

Manage Device
(Co-exist)

Customer on-prem env

ID Bridge

Active
Directory

MSCS
Access
Server

3rd party
MDM
Server

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

Oracle Access
Manager
Pharmacy
Information
System

Oracle Identity Cloud Service

Store Customer Access
Public App Store
(Wrapped Customer
app)

Oracle Cloud
Customer on-prem env
Identity Cloud
Service

Oracle Access
Manager

Identity Management
Authentication
Mobile Security
Customer
App

Authenticate & Get

Mobile Security
Policies & Access
Authenticate
Access

Customer
Information
System
MSCS
Access
Server

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

Active Directory
(Customer OU)

Financial Institution Business Requirements

Loan Sourcing - Anytime, Anywhere

5000+ on-the-field sales agents working from remote parts of the country
Business need: Replace the current paper based micro-finance application
process with native mobile apps that could enable sales agents work from any
part of the country at any time. This would result in more business to the
company and help agents reach their sales targets more effectively.
No app development expertise available in-house
Agents want a quick and seamless user experience logging into and using
multiple mobile apps
Need app usage analytics for licensing and ROI calculation

Confidential. Copyright 2015 Aurionpro Solutions. All rights reserved.

22

Financial Institution - Technical Requirements

Cloud based Mobility Development & Management solution

Develop a native mobile app that connects to loan servicing application REST
interfaces and includes a workflow of customer identity vetting provided by 3 rd
party SaaS provider
Allow active users to user their own devices (BYOD) and authenticate to the
app using existing network (AD) credentials
Offline app access and sync to the backend Loan Servicing application is
critical as remote locations may not have network connection
Agent access from certain locations should require knowledge based strong
authentication
Agents need to connect to Oracle Document Cloud Service (DOCS) for any loan
related files to be uploaded or viewed
Agents need access to their corporate emails hosted on Office 365
Application/LOB owners should be able to view app usage analytics

Confidential. Copyright 2015 Aurionpro Solutions. All rights reserved.

23

Oracle Identity Cloud Service + Mobile Cloud

Service
Scalable Mobile Backend and Security solution
Oracle Cloud
3rd Party
Cloud SaaS
Public App Store
(O365, Pre-wrapped
Oracle DOCS)

Identity Cloud
Service

SAML Auth

Mobile Security
Identity
Risk based Authn SAML/OAuth

Vetting SaaS

Mobile Cloud Service

Develop, Workflow,
Analytics

Customer
App

OAuth

(Hybrid inter-app
SSO, Offline access)

Customer
on-prem env

OAuth

MSCS
Access
Server
Loan Servicing
System

Document Cloud
Service

SAML/OAuth
File Collaboration

Office 365

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

Active
Directory
(IdP)

Oracle Identity Cloud Service

Summary

1. Identity management + Enterprise Mobility

Management in one package
2. Support for risk/context-aware step up
authentication and authorization
3. Hybrid SSO across on-prem, Oracle SaaS/PaaS,
Oracle MCS and 3rd party SaaS providers
4. Pre-wrapped Oracle Apps on public app stores for
easier mobility management uptake

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

Oracle Cloud Platform

DATA
MANAGEMENT
IT OPERATIONS
MANAGEMENT

IDENTITY
MANAGEMENT
CONTENT &
PROCESS

APPLICATION
DEVELOPMENT
INTEGRATION

MOBILE

BUSINESS
ANALYTICS
Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

26

Keep Learning with Oracle

University
Classroom
Training

Cloud

Learning

Technology

Subscription

Applications

Live Virtual Class

Industries

Training On
Demand

education.oracle.
Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

27

Session Surveys
Help us help you!!
The [Program Committee J1] [organizing committeeOW]
would like to invite you to take a moment to give us your
session feedback. Your feedback will help us to improve your
conference.
Please be sure to add your feedback for your attended
sessions by using the Mobile Survey or in Schedule Builder.

Copyright 2015, Oracle and/or its affiliates. All rights reserved. |

28