There are many solutions that can help organizations tackle the challenge of Oracle access management. One of Fastpath’s capabilities is helping Oracle EBS and Cloud customers with system authorizations and accounts and access management.
But why is access management in Oracle so difficult in the first place?
This article will cover three aspects that make access management in Oracle systems challenging.
The first aspect that makes access management in Oracle challenging is that typically when people build security in Oracle, they start by copying the seeded security roles. The reason this is done so frequently is that the product doesn’t lend itself easily to build security from the ground up, so it is much easier for people to take out-of-the-box security roles and whittle them down to fit their needs. Unfortunately, the Oracle seeded security roles are a difficult place to start since Oracle’s security roles are not designed to support easy Segregation of Duties (SOD) but are instead designed to allow users to test functionality quickly.
The next aspect that makes access management challenging in Oracle is that there is no change controls enforced by the system or the ability to view the impact of change on security. If there is a change to a privilege from a role, there shouldn’t be any effect on system security. However, when there is a change to a menu within Oracle, it becomes much harder to understand the impact of the menu change to the system. If a change is made to a menu, identifying all the users, all the responsibilities, and all the roles impacted by that change is not easy using out-of-the-box security.
Lastly, there is a lack of SOD information available at the time of User Provisioning in Oracle. Many organizations provision user access based on the user's responsibility—they look at the type of job the requester has and then check to see if that access is necessary for them to complete their job. But this method of provisioning users does not always check to see if the combination of all these privileges might create an SOD risk that can put the organization in peril.
In a recent webinar hosted by Oracle Applications and Technology Users Group (OATUG), Fastpath’s Richard Goddard, Senior Director of Risk and Compliance, and Neil Hooper, SVP Marketing and Sales, discussed in further detail the challenges and sources of Oracle Access Management as well as the Oracle Sources of Application Access Security Risk. Click here to watch the full webinar on-demand now.