One of the world’s largest pharmaceutical companies, Merck & Co., Inc. discovers, develops, manufactures, and markets a broad range of innovative products to improve human and animal health, directly and through its joint ventures. At the heart of Merck’s operations are thousands of researchers and scientists who invent, develop, and test new pharmaceutical products in a network of laboratories around the world.
As a pharmaceutical company, Merck operates in a highly regulated environment. As such, it must ensure that its employees, as well as other partners, can access the resources that they need to conduct research, while maintaining the ability to prevent unauthorized access to sensitive information and deprovision employees rapidly when needed, such as following completion of a research initiative. Merck required an identity management system that could simplify the access management process for 160,000 internal users and approximately 90,000 external users.
Merck selected Oracle Identity Management 11g and Oracle Identity Governance Suite to help the IT department establish a centralized, repeatable federated identity management service that not only effectively provisions access to Merck’s extensive Web-based research applications but also enables security professionals to easily control and audit which users can access which resources at which times to ensure compliance with various regulatory mandates, such as the Health Insurance Portability and Accountability Act (HIPAA).
The company also created a foundation for a paradigm shift in its approach to identity and access management. With Oracle Identity Management 11g Release 2 the company hopes to launch a business-centric approach to identity management and access control that will enable users to select the entitlements they need, put them in an electronic shopping cart, and check out. The system will enable users to view only entitlements for which they are authorized, based on their roles and responsibilities.