Oracle Identity Management Automate Provisioning to Oracle Applications

Oracle Identity Management Automate Provisioning to Oracle Applications and Beyond Kenny Gilbert Director of Technology Services Rev Jul-o 6

Agenda • About Silicon Image • Business Challenge • Solution – System components – Implementation • Lessons Learned • Our Future Direction of IDM Feb-21 © Silicon Image, Inc. CONFIDENTIAL 2

About Silicon Image • • • Fabless Semiconductor based in Sunnyvale, CA. 500+ employees 50 to 100 contingents Analyst estimate of $285 million revenue for 2006 Oracle Application live May 2003 Current release 11. 5. 10 modules include: – Finance, Manufacturing, Distribution, HR, i. Store, i. Support, Service Contracts, Quality – Self-service (i. Procurement, i. Expense and HR Manager) – Tools (Alerts, Workflow, OAM, Discoverer, BEPL, Portal, ADI , UPK and OID) Feb-21 © Silicon Image, Inc. CONFIDENTIAL 3

Business Challenge • Low quality identity data – Lack of single source of truth for identity – Lack mapping across application accounts – Lack of mapping between application accounts and HR records • Inefficient and scattered administrative processes – Manual user on-boarding and off-boarding processes across different applications – Lack of centralized self-service processes – Multiple workflows, password policies and rules across applications – Inconsistent delegated administration across applications – Consistent, orderly and timely provisioning of application accounts – After Years of audits I was still afraid of error during ever audit Feb-21 © Silicon Image, Inc. CONFIDENTIAL 4

Why Oracle? • • Solution covered all of our needs Road map that includes customer opinions Support and maintenance is with one single vendor Out-of-the-box integration with Oracle applications Leverage existing investments Flexible architecture Highly customizable to fit our business process Feb-21 © Silicon Image, Inc. CONFIDENTIAL 5

Solution • Our setup of IDM - User provisioning 1. Data feed from Oracle Application HR module 2. Master Identity Store is Oracle Id. M 3. Current target systems UNIX LDAP (Sun. One) AD Oracle Applications 11. 5. 10 • • Single password policy Attestation process for contingents Feb-21 © Silicon Image, Inc. CONFIDENTIAL 6

Solution (Continued) • Centralized self-services resource request Computer Systems Outlook Distribution Lists Contingent Workers New Placement and Extensions Oracle Responsibilities (auto and requested) Non Standard UNIX Groups Management Portal (Oracle Portal) Sonic. Wall Activ. Card Network Directory Password Reset Feb-21 © Silicon Image, Inc. CONFIDENTIAL 7

Solution (Continued) • Establish Enterprise Identity Automatic linkage of employee records with user accounts • Define framework and control of access levels Enforce strong password policies via synchronization Attribute driven provisioning workflow to automate orchestration of IT tasks Overall 80% reduction in helpdesk ticket related to Provisioning Feb-21 © Silicon Image, Inc. CONFIDENTIAL 8

Before Identity Management Before Oracle Identity Manager HR Rep. IT Dude HR department logs worker info into multiple systems Generate help desk ticket for IS and IT Generate help desk tickets for Facilities to turn on or off building access Oracle account enabled or disabled Feb-21 © Silicon Image, Inc. CONFIDENTIAL Approving Manager AD account enabled or disabled UNIX account enabled or disabled 9

After Identity Management After Oracle Identity Manager • HR has one system to work with and no longer has to create multiple helpdesk tickets • IT get requests that have been pre-approved by the BPO recorded in the workflow • SOX auditors are happy because controls are very tight and de-provisioning is fast. Oracle HR Data is transferred to identity manager Oracle account enabled or disabled Feb-21 © Silicon Image, Inc. CONFIDENTIAL AD and UNIX accounts enabled or disable Generate help desk tickets for Facilities to turn on or off building access 10

Implementation • Implementation Partner – Entology, Inc. www. entology. com • Timeline (5 months) – Proof of concept (5 days) – Discovery / Requirements Gathering – April – Prototype – Design & Build – CRP – UAT – Internal Go-Live – Sep. Feb-21 © Silicon Image, Inc. CONFIDENTIAL 11

Lessons Learned • Don’t take the same old process and try to make it work in the new tool without first evaluating best business practice. • Checking for duplicate name before creating accounts • Adding logic for new hires outside US • Not prepared for too many flavors of UNIX • Involve internal SOX audit in design meetings • Understand the skill set required for administrator. Feb-21 © Silicon Image, Inc. CONFIDENTIAL 12

Future Direction • Enable Single sign-on capability for key applications • Connect to other LDAP compliant tools for identity sharing • Add cell phone and building access to self-serve • Add additional logic for provisioning converted accounts going from contingent to employee • Add unique identifier to new user accounts • Continue to automating Feb-21 © Silicon Image, Inc. CONFIDENTIAL 13

More Id. M Information • Oracle Technology Network: http: //www. oracle. com/technology/products/id_mgmt/index. html • Oracle. com: http: //www. oracle. com/products/middleware/identitymanagement/identity-management. html Feb-21 © Silicon Image, Inc. CONFIDENTIAL 14