Avea, a Turkish mobile operator, replaced its aging Sun identity management platform with Oracle Identity Management to improve security, compliance, and scalability. The project involved migrating 6,300 identities and integrating with 16 enterprise systems. Key challenges included defining business roles and access policies. Lessons learned included the need for role mining and testing onsite. The new platform provides enhanced self-service, provisioning performance, and ability to scale.
8. • About Avea
• Business & Technical Requirements
• What is the scope ?
• Challenges
• Lessons Learned
9. About Avea
• Avea, the sole GSM 1800 mobile operator of Turkey,
was founded in 2004.
• Member of Turk Telekom Group.
• 12.8 million customers as of the first quarter of 2012.
• Offering services to 98% of Turkey's population
through its next generation network.
10. Business & Technical Requirements
• Replace Sun IDM with OIM.
• Implement Role Based Access Control (RBAC) for entire Avea organization.
• Enhanced Self Service Workflows.
• Improve Provisioning Performance.
• Improve Security of Self Service Password Reset.
• Review process for user entitlements periodically.
• Enable new platform to scale . (Project Ph2 is on the way for dealers)
• Build accurate and customized reports.
11. Challenges
• Business Roles are not defined (OIA)
• Request & Approval processes are not defined.
• User Interface customizations on 11g R1 is not easy.
• Outsourced testing team.
• Migration from existing Sun IDM.
12. What’s in scope?
• 6300 identites (employees & outsoures)
• 16 Enterprise Systems and Applications Integration
(SAP, MS AD,Exchange,Siebel CRM, Unix Systems, etc.)
• ~150 of Roles and Access policies are defined
• 23 Request& approval workflow processes
• Attestation & SOD
14. Completed tasks ..
• SAP HR User and Organization reconciliation with RFCs.
– Hire,Update,Transfer,Fire,Transfer to Sister Company to User
– Create,Update,Delete,Disable Organization
– Resolve missing records and synch issues.
– Create groups for CC (OrgId+Title+Location)
• New Outsource Management Application is developed
on SAPHR.
– To improve data quality
15. Completed tasks ..
• SMS and IVR voice recognition based Password
Reset.
• User entitlement structure is changed for Avea
subscription system.
• HR has role management responsibility.
• Organizational Change Process has been rebuilt.
• Online end user training.
16. UI Customizations
• CC Role Management UI &Workflows
– Create New Access Policy (with template option)
– Assign Resource to AP
– Assign AP to Groups
– Assign User (Temporarily) to a Group
– ...
• NonCC UI and Workflows
– Manage Entitlements (needs Admin approval)
– Request Resource for User
• Single or Multi Privileges
– Request Group for User
– Password Reset for IT Helpdesk
– ...
17. Lessons Learned
• Product and Partner.
• You need role mining (OIA) to define business roles
and policies.
• Business sponsors.
• Tests must be performed onsite.
• Sun migration was not just an upgrade.