An Overview About : Cloud Security Using Identity Cloud Service (IDCS)

In this post, we are going to see various aspects of how to secure your cloud data using Identity Cloud Service & some used cases.

If you are not familiar with Oracle Identity Cloud Service (IDCS) then I would highly recommend you to go through our previous post on  Oracle Identity Cloud Service (IDCS) Overview & Concepts (Click here)

Security is one of the most critical and important aspects of every new initiative. Data loss & leakage
risks, unauthorized access through misuse of credentials and improper access controls, hijacking of
accounts and malicious insiders are some of the biggest concerns that are always present in the ever
faster delivery of these new services.

The below image says that there are already huge data on cloud and security is the main concern.

Role of IAM in Cloud Security

Identity & Access Management (IAM) can provide a single aggregated view of identities to all systems, it enables multi-channel access and provides a platform to define and enforce policies at one layer to ensure consistency. An important consideration for these organizations is to define how IAM is implemented for these new initiatives/services. They can implement security for each application in a monolithic, distinct and unique fashion for that application or they can leverage a platform approach which can give them a shared single identity across multiple applications, shared services, shared
policies across multiple applications and provide cross-channel visibility.

Market Trends and Business Drivers for Cloud IAM

Increasing SaaS Adoption: More and more sales, IT and Business functions are moving to the cloud. Enterprises want to manage access to these SaaS applications as an extension to their on-premise applications.

Strong Security: As data moves from on-premise to cloud and more corporate data is exposed via multiple channels, there is a critical requirement of strong authentication for user’s access, channel security to ensure data is secure in transit and authorization controls to ensure only authorized users to access the data. Enterprises need a platform that can act as a security broker for OAuth and Federation to enable service to service communication and support Identity propagation.

Hybrid Multi-Channel Access: Any device, anywhere, anytime access is the key ask from customers which requires enabling  multichannel access for the services

Simplicity and Performance: Get users productive faster through immediate access to key applications and systems.

Co-exist with Existing IAM Infrastructure: Controlling access to cloud applications is one challenge but there is still a plethora of legacy on-premise applications.

Core Solution Components (IDCS)

Oracle Identity Cloud Service provides a number of core services, each of which solves a unique challenge faced by many enterprises.

Elastic, Multi-Tenant Platform based on Microservice Architecture of IDCS

Oracle Identity Cloud Service Management provides an innovative, fully integrated service that delivers all the core identity and access management capabilities through a multi-tenant Cloud platform. The design of the next generation Identity Cloud Service (IDCS) is based on the microservice architecture which is naturally aligned with  Cloud principles of Scalability, Elasticity, Resilience, Ease of Deployment, Functional Agility, Technical Adoption and  Organization Alignment.

Traditionally on-premise IAM implementations can be costly as they provide greater flexibility for customizations.  Oracle Identity Cloud Service is designed to provide maximum configuration to support customer business processes and reduce the burden of implementation costs. It is designed with the following key considerations:

• More configuration and less customization
• Business Friendly UI
• Focus on simplicity and ease of usage

Pay As You Go Model

• The business does not need to buy hardware to install the product. There is no upfront perpetual license cost.
• Customers need to pay only for what they use. They can scale the number of users and applications up or down as needed during their contract.
• Security teams need only manage configurations and policies. They are no longer required to do the operational activities of maintaining the solution itself. They need less specific technical skills and resources to manage the solution.
• Ideal solution for small businesses that can’t afford on-premise IAM solution Support for Open Standards

All components of IDCS are built on modern Cloud principles and use standard open stack protocols.

• OpenID Connect for browser-based user authentication
• OAuth2 for securing REST API calls
• HTTP cookies for tracking user’s active sessions
• JWT-based tokens for applications to map authenticated Cloud identities to local application identities
• SAML for providing Single Sign-on for Cross-Domain applications using Federation
• SCIM for simplified user management in the Cloud by defining a schema for representing users and  groups
• RESTful APIs for all identity functions for customization and headless operations

Server Used Cases(IDCS)

Use Case: Secure Access for Cloud and on Prem

Use Case: ID Management of External Identities

Use Case: Moving Apps to the Cloud

Please stay tuned for our future post on Oracle Cloud Identity Service where we will be more focusing on cloud security and dealing with advance terms such as  Security Information and Event Management (SIEM), Cloud Access Security Broker (CASB),  Security Monitoring and Analytics (SMA) and much more.

This post is from our Oracle Identity Cloud Service (IDCS) training  in which we  have covered everything one should know about Oracle Identity Cloud Service 

If you have any doubts please reach out to us at contact@k21academy.com

Next Task for You

Download our 7 Docs free Guide to become Expert in Oracle Identity Cloud Service(IDCS) for Security & Identity Administrator.

Click on Below image to download the guide: