This month the ISACA Singapore Chapter is organizing a dinner talk and networking session on Wednesday, July 21. Amitpal Singh Dhillon, one of our security experts in Singapore, is presenting on the topic of “Information Rights Management - How secure are your confidential documents?”. Those who are CISA certified will attain 2 hours towards ongoing certification with this talk.

Details of the event are (sign up here);

• Time: 6:00pm - 9:00pm (Registration: 6:00pm; Dinner 6:30pm - 7:15pm; Presentation 7:15pm - 9.00pm)
• Venue: National Library Board Building, Level 5, Imagination Room, 100 Victoria Street, Singapore 188064
• Cost: S$30.00 (ISACA/IIA Members), S$45.00 (Non-Members), S$15.00 (Students) / Refer Student Registration below
• CPE: 2 Hours
• Dinner: Buffet Dinner Included (no pork no lard)
• Who Should Attend?: Information Security Managers, Analysts and Architects, IT Managers, IT Auditors, Academia and researchers involved with information systems security awareness, training, education, and professionalism.

The speaker, Amitpal Singh Dhillon is well versed in Information Rights Management and is an Identity Management Security Architect for Oracle in the Asia region. Prior to joining Oracle, Dhillon worked as an Information Systems Engineer on Corporate IdM initiatives at Applied Materials in the Silicon Valley. In addition, he has experienced the typical diversity of products from multiple vendors, including Microsoft, SUN and IBM whilst responsible for implementation of such solutions in an SAP environment. To attend the dinner sign up here. For more information on the event visit the ISACA Singapore Chapter website and look in the current events section.

Welcome to the second article in this quick quide to Oracle Information Rights Management 11g. Hopefully you’ve just finished the first article which takes you through deploying the software onto a Linux server. This article walks you through the configuration of this new service and contains a subset of information from the official documentation and is focused on installing the server on Oracle Enterprise Linux. If you are planning to deploy on a non-Linux platform, you will need to reference the documentation for platform specific information………

Early this month Oracle released the latest version of its Information Rights Management software called Oracle IRM 11g. This new version is a complete server re-write since it acquired SealedMedia a few years ago. And though I am yet to do a technical assessment of what this new system does, Oracle have taken IRM to new levels in terms of the features and levels of support it provides.

Oracle IRM 11g is now hosted inside WebLogic Server, Oracle’s enterprise class application server. This means you can leverage the authentication models which are provided with WebLogic and at last gain real time support for LDAP authentication. Windows based authentication is still available and the new IRM 11g web based management pages can leverage common SSO authentication techniques.

Oracle IRM 11g is now on RedHat, SUSE and Oracle Enterprise Linux, Windows, AIX, Solaris and HP-UX against either Oracle or a Microsoft database. The full range of certified platforms is available here. Better still there is now support for 27 major languages including Chinese and Japanese. This has resulted in Oracle sealing a number of deals in Asia due to support for double byte languages.

In Oracle IRM 11g, you can now set various time restrictions for which access to the document is valid. The server employs the concept of roles to define who can do what with a document, once a role is used at a context level. When the role changes due to new business requirements, for example the business no longer wants its suppliers to print its engineering designs, it can just make that policy change at the role level and this change is propagated to every context that uses this role.

From what I have read, the new Oracle IRM 11g server is a giant leap forward from its previous version and reflects Oracles commitment to help its clients achieve persistent security on its confidential data and intellectual property.