View
92
Download
2
Category
Tags:
Preview:
Citation preview
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 1
REDPOT REDPOT SAP SAP SECURITY OPTIMIZERSECURITY OPTIMIZER
REDPOT SAP SECURITY OPTIMIZER
Reduce Security Service Costs | Make Confident Security Approvals | Increase User Productivity | Wise Business Decisions
100% WEB, MOBILE & ZERO FOOT PRINT ON SAP
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 2
Imminent ProblemsImminent ProblemsSituation over a period, irrespective of well defined role strategy & approval process the following are bound to occur in the form of problems, security and management challenges
• Bloated Users – Identifying if users are given more roles than rest of the other users in the same position
• Redundant Roles – Roles with different names having Same Authorizations or with very minimum difference in auth objects
• Roles not in active use – Identifying roles which are assigned to users but never used in reality to perform associated transactions
• Roles not used by User – Identifying roles which are assigned but not used by the user in practical day to day operations to perform associated transactions
• ASIS Roles not in Use – Roles created but never attached to Users• Non Compliant Roles – Roles failing Compliance• Non Compliant Users – Users attached with SAP Standard Roles & Profiles
REDPOT SAP SECURITY OPTIMIZER
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 3
Sanitizing SAP Roles & Way forwardSanitizing SAP Roles & Way forward*Since the users are already using the roles, the best way to go in this approach to avoid minimum disruption
Sanitize SAP RolesIdentify all SAP
Positions
Work Reverse to create Master Profile Roles from currently
used profiles
Create Derived RolesDe-commission Single
RolesCommission Derived
Roles to SAP Positions
REDPOT SAP SECURITY OPTIMIZER
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 4
Sanitizing SAP Roles & Way forwardSanitizing SAP Roles & Way forward*Since the users are already using the roles, the best way to go in this approach to avoid minimum disruption
Sanitize SAP Roles
Manual Exercise REDPOT SAP SECURITY OPTIMIZER
Tool
*Requires Manual extraction,
analysis needs to be carried out in spreadsheets.
*Auto Extraction, Interface to see &
download analysis
• Time Consuming• Lacks Visual representation for easy analysis• Difficult for Management / Business Users to
Understand Results
• Saves Time• Visual representation - Grid View
• Easy for Management / Business Users to Understand Results
REDPOT SAP SECURITY OPTIMIZER
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 5
BLOATED BLOATED USERSUSERS Bloated Roles – Identification by
Department, Profession etc
*Users belonging to same profession & department should have same roles etc..
Users
Criteria
REDPOT SAP SECURITY OPTIMIZER
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 6
REDUNDANT REDUNDANT ROLESROLES
*Most of the times, roles are duplicated, one can get rid of redundant roles using this matrix
Redundant Roles – Checking if any roles can be get rid of, which are
identical
REDPOT SAP SECURITY OPTIMIZER
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 7
ROLES ROLES NOT IN ACTIVE USENOT IN ACTIVE USE
*Most of the times, roles are assigned to positions, but they are rarely used in practical usage
Roles in Actual Use By the Department named
“Consultant”
Used Role highlighted
in RED Colour
Role Actually Accessed Data Over the last 10
months
For Department“Consultant”
REDPOT SAP SECURITY OPTIMIZER
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 8
ROLES ROLES NOT USED BY USERNOT USED BY USER
*Most of the times, roles are assigned to user, but the never would have used
Roles assigned vs actual Use by the user named
“DEVAKUMAR”
Used Role highlighted
in RED Colour
Role Actually Accessed Data Over the last 10
months
For User“DEVAKUMAR
”
REDPOT SAP SECURITY OPTIMIZER
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 9
ASIS ASIS ROLES ROLES NOT IN USE NOT IN USE
*Most of the times, roles would have been created, but would have been never associated to a user
Roles present in SAP, but never associated to any
user
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 10
NON COMPLIANT NON COMPLIANT ROLESROLES
*Roles which are non compliant, according basic SOX Fundamentals, user can also configure own compliance
Roles Conflicts
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 11
Investigative ViewInvestigative View
* This view gives you a drill down approach of authorizations for a specific user
User Authorization Investigation & Alerts
Alerts if any standard profiles & roles are
attached
Drill Down approach for
detailed authorization
s in single snapshot
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 12
Investigative ViewInvestigative View
*This view allows the approver to easily view the access details at a minute & easily understandable method
Drill down Authorization view with Activity Details
in easy view
Authorization Details for user abc1234
Easy View of Authorization Details
such as company code etc. accessible
to user
abc1234
REDPOT SAP SECURITY OPTIMIZER
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 13
SOX COMPLIANCESOX COMPLIANCE
REDPOT SAP SECURITY OPTIMIZER
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 14
SOX COMPLIANCESOX COMPLIANCE
Complete
REDPOT SAP SECURITY OPTIMIZER
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 15
USER PRODUCTIVITYUSER PRODUCTIVITY
Complete
User Diligence – Allows to set activity to performed in regular
intervals and confirms if an activity has been carried out by
the user
Selected User
Selection on a Date
REDPOT SAP SECURITY OPTIMIZER
TOOL SNAPSHOT
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 16
Solution is ZERO FOOT PRINT ON SAPSolution is ZERO FOOT PRINT ON SAP
BW
REDPOT SAPWSERP
CRM
*ZERO FOOTPRINT ON SAP
LAN
REDPOT SAP SECURITY OPTIMIZER
REDPOT Infotech Pvt Ltd, BangaloreTransforming Ideas to Business 17
REDPOT REDPOT SAP SAP SECURITY OPTIMIZERSECURITY OPTIMIZER
REDPOT SAP SECURITY OPTIMIZER
Head Quarters
RED POT INFOTECH PVT LTD
Bangalore, India. Office: +1 646-568-7587 India: +91 80 22377044
WWW: www.redpot.inEmail: info@redpot.in
Reduce Security Service Costs | Make Confident Security Approvals | Increase User Productivity | Wise Business Decisions
Recommended