When the State of Delaware decided to implement an identity management system,
Oracle Identity and Access Management Suite offered a long-term solution, says
Lynn Hersey-Miller, chief program officer, Department of Technology and Information.
“We used open enrollment as the catalyst for an enterprisewide identity and access management project,” recalls Lynn
Hersey-Miller, chief program officer for Delaware’s Department of
Technology and Information (DTI). Hersey-Miller and her team
evaluated several market-leading identity management products.
They picked the Oracle Identity and Access Management Suite
for its tight integration with Oracle’s PeopleSoft applications, the
flexibility of its federated identity management capabilities, and
its sophisticated multiple-factor authentication capabilities. “We
wanted to develop a long-term solution that would govern access
to all types of applications, not just PeopleSoft applications,”
Hersey-Miller says. “We felt confident that the Oracle product
was going to do what we needed it to do.”
The state purchased the Oracle Identity and Access
Management Suite in June 2006 and went live with its new
open-enrollment system in February 2007. Three months
later, approximately 12,000 employees used the Oracle software to enroll for their benefits.
“Getting the majority of state employees to renew their benefits online was a huge undertaking, so we wanted to make it
as simple as possible,” says Michele C. Ackles, deputy principal
assistant in DTI. “It’s not easy to convince 15,000 people that
something they have done on paper all their lives will work
[online], let alone be easy to understand.”
Pn Narayanan, DTI’s project management team leader,
saw the open-enrollment project as an opportunity to deploy
centralized identity management that could support other
software applications as well. “In the past, individual agencies
created unique security capabilities for just about every application,” he says.
Oracle’s Jasuja says developing discrete authentication,
access, and provisioning capabilities for each application is not
uncommon, partly because doing so ensures a highly granular
level of control. However, such practices become a maintenance headache for developers and a burden for the user
community, which has to remember unique user IDs and passwords for multiple applications. That’s why he believes centralized investments in identity management software quickly
pay for themselves.
“Centralized directories are simpler to maintain over time,”
he says, “and dealing with distinct security for each application complicates audits and compliance efforts.”
In the State of Delaware’s case, the new identity management framework supports single sign-on to three applications. One is the open-enrollment application, which will
soon enable all 35,000 state employees to renew their health
benefits. The second is a public safety application that enables
8,000 law enforcement officers and court officials to review
protective orders as part of the Violence Against Women Act.
The third is a transportation application that lets approximately 700 truckers file their International Motor Fuel Tax
Additionally, DTI is working with Delaware’s Office of
Pensions to support Oracle’s PeopleSoft ePay module. This
will give government workers a consistent login process for
reviewing retirement and payroll processes from anywhere in
the world. The advantages of single sign-on will soon apply to
Delaware citizens as well, many of whom use the internet to
access public information resources.
“When citizens enroll in a state college, report a crime, or
sign up for a business license, we want them to be able to use
one login and password,” says DTI’s Narayanan. “They should
feel like they are dealing with one state, no matter how many
agencies they interact with.” O
David Baum ( email@example.com) is a freelance business writer based in
Santa Barbara, California.
READ more about Oracle Identity Management
INVESTIGATE service-oriented security
BROWSE the Oracle Identity Management Resource Library
DOWNLOAD Oracle Adaptive Access Manager