SAP GRC Access Control ■ Core foundation relies on static, role-based access controls ■ Focus on roles & transactions ■ Relies on generic SoD rules ■ Fine-grained controls require customizations Appsian Adaptive Data Control ■ Extends SAP GRC policies by layering dynamic, attribute-based access controls ■ Focus on context & data ■ Provides real-time, preventative SoD and business process controls ■ Enables fine-grained controls via configuration SAP GRC, Reporting Capabilities ■ Relies on scheduled audits ■ Frequent false positives on SoD violations ■ Limited context in log records ■ Raw CSV export format ■ Requires manual correlation of events Appsian360 Real-Time Analytics ■ Monitor transaction usage, master data changes, SoD violations ■ View actual SoD violations with user, data, and transaction correlation ■ Segment reports by user/data attributes ■ Drill down into end-user usage events Appsian and SAP GRC Access Controls Enhance Access Governance Dynamic Controls and Real-Time Visibility Enhance Control with Appsian ABAC Improve Visibility with Appsian360 SAP GRC Access Control identifies and prevents access and authorization risks by ensuring that the right access is given to the right people based on an employee’s role. Unfortunately, these roles are static, meaning they do not leverage contextual attributes common in today’s dynamic workplace. They require manual updates as users move around the organization and change their job scope. Appsian extends the existing SAP GRC Access Control with data-centric security policies that leverage the context of access to reduce risk. While SAP GRC assigns access based on specific roles, Appsian’s dynamic rules consider the context of access (who, what, where, when, and how) before allowing access to transactions or data. This enhanced approach overcomes the limitations of traditional SAP GRC access controls, enabling granular control and visibility that allows you to fully align SAP security policies with the objectives of your business while streamlining audits and compliance. 8111 Lyndon B Johnson Fwy. Dallas, TX 75251 +1 (469) 906-2100 [email protected] © Appsian

Appsian and SAP GRC Access Controls

Download PDF Report

Upload
others
View
4
Download
0

Embed Size (px)

Citation preview

Page 1: Appsian and SAP GRC Access Controls

SAP GRC Access Control■ Core foundation relies on static, role-based access controls■ Focus on roles & transactions■ Relies on generic SoD rules■ Fine-grained controls require customizations

Appsian Adaptive Data Control■ Extends SAP GRC policies by layering dynamic, attribute-based access controls■ Focus on context & data■ Provides real-time, preventative SoD and business process controls■ Enables fine-grained controls via configuration

SAP GRC, Reporting Capabilities ■ Relies on scheduled audits■ Frequent false positives on SoD violations■ Limited context in log records■ Raw CSV export format■ Requires manual correlation of events

Appsian360 Real-Time Analytics■ Monitor transaction usage, master data changes, SoD violations■ View actual SoD violations with user, data, and transaction correlation■ Segment reports by user/data attributes■ Drill down into end-user usage events

Appsian and SAP GRC Access ControlsEnhance Access Governance Dynamic Controls and Real-Time Visibility

Enhance Control with Appsian ABAC

Improve Visibility with Appsian360

SAP GRC Access Control identifies and prevents access and authorization risks by ensuring that the right access is given to the right people based on an employee’s role. Unfortunately, these roles are static, meaning they do not leverage contextual attributes common in today’s dynamic workplace. They require manual updates as users move around the organization and change their job scope.

Appsian extends the existing SAP GRC Access Control with data-centric security policies that leverage the context of access to reduce risk. While SAP GRC assigns access based on specific roles, Appsian’s dynamic rules consider the context of access (who, what, where, when, and how) before allowing access to transactions or data.

This enhanced approach overcomes the limitations of traditional SAP GRC access controls, enabling granular control and visibility that allows you to fully align SAP security policies with the objectives of your business while streamlining audits and compliance.

8111 Lyndon B Johnson Fwy. Dallas, TX 75251 +1 (469) 906-2100

[email protected]© Appsian