Click here to load reader

SAP Identity Management and Provisioning Service – Roadmap · PDF filemanagement across SAP, non-SAP, various IT and cloud solutions Improve productivity with self-services such

  • View
    270

  • Download
    1

Embed Size (px)

Text of SAP Identity Management and Provisioning Service – Roadmap · PDF filemanagement across...

PUBLIC

Kristian Lehment, SAP SE

Christian Cohrs, SAP SE

July 2017

SAP Identity Management & Provisioning Service Roadmap

2PUBLIC 2017 SAP SE or an SAP affiliate company. All rights reserved.

The information in this presentation is confidential and proprietary to SAP and may not be disclosed without the

permission of SAP. This presentation is not subject to your license agreement or any other service or subscription

agreement with SAP. SAP has no obligation to pursue any course of business outlined in this document or any related

presentation, or to develop or release any functionality mentioned therein. This document, or any related presentation

and SAP's strategy and possible future developments, products and or platforms directions and functionality are all

subject to change and may be changed by SAP at any time for any reason without notice. The information in this

document is not a commitment, promise or legal obligation to deliver any material, code or functionality. This document

is provided without a warranty of any kind, either express or implied, including but not limited to, the implied warranties

of merchantability, fitness for a particular purpose, or non-infringement. This document is for informational purposes

and may not be incorporated into a contract. SAP assumes no responsibility for errors or omissions in this document,

except if such damages were caused by SAPs willful misconduct or gross negligence.

All forward-looking statements are subject to various risks and uncertainties that could cause actual results to differ

materially from expectations. Readers are cautioned not to place undue reliance on these forward-looking statements,

which speak only as of their dates, and they should not be relied upon in making purchasing decisions.

Legal disclaimer

3PUBLIC 2017 SAP SE or an SAP affiliate company. All rights reserved.

What data is critical to you?

Risk based security investments

Do you also protect your data or only the underlying infrastructure?

Customer data

Employee data

Processes

ContractFinancial data Leads

Marketing results

Production process

Product composition

Vendor information

Specifications

Where is that data mainly stored?

SAP systems

Mails

Cloud drives

Files

Infrastructure

SAP systemSecurity measures on infrastructure level are mandatory. But the threat

landscapes changed and for most companies the SAP systems are a

black box related to security.

The paradox: the black box contains often the most critical data

4PUBLIC 2017 SAP SE or an SAP affiliate company. All rights reserved.

SAP helps protect your digital business

Transactions and data must be secured throughout the entire end-2-end business process

Cybersecurity is a critical element in the Digital Transformation journey

1. Customers and employees are hyper-connected, always on, with seamless access anywhere and anytime

2. Cloud and hybrid cloud environments have become the norm, challenging traditional Protect the 4 walls security approaches

3. Digitally connected supply chains are based on high trust and availability of all parties

4. The Internet of Things and Big Data bring unprecedented data streams and volumes

5. Confidentiality, integrity, and availability of data is the basis for secure operations and trusted relationships

5PUBLIC 2017 SAP SE or an SAP affiliate company. All rights reserved.

SAP Identity Management

SAP Identity Management and Access Control

In the SAP security product portfolio

SAPBusiness

Suite

SAP Cloud PlatformSAP NetWeaver

Application Server

SAP Access Control

SAP Identity Management

Make it simple for users to do what they are allowed to do

Know your users and what they can do

SAP Single Sign-On

Ensure corporate compliance to

regulatory requirements

Platform Security

Make sure that SAP solutions run securely

SAP Enterprise Threat Detection

Counter possible threats and identify attacks

Add-On for Code Vulnerability

Analysis

Find and correct vulnerabilities in customer

code

SAP Cloud Platform Identity

Authentication

SAP Cloud Identity Access

Governance, access analysis

service

Manage access,

users and

compliance in the

cloud

SAP HANA

3rd Party Systems

SAP S/4HANA

SAP Cloud Applications SAP Cloud

Platform Identity Provisioning

SAP Cloud Platform Identity

Provisioning

SAP Identity Management

7PUBLIC 2017 SAP SE or an SAP affiliate company. All rights reserved.

Use centralized software to lower risk and manage the full identity lifecycle of users. Keep operations running efficiently and

affordably, while protecting applications and data. Provide user access according to current business roles. Workflows and

user interface are highly flexible and configurable without the need for development skills

Lower IT support costs and reduce risk with centralized user identity

management across SAP, non-SAP, various IT and cloud solutions

Improve productivity with self-services such as automatic password resets

and rules-driven workflows

Improve insight and compliance with centralized, integrated logging and

reporting

Boost flexibility with standards-based functionality that integrates fully with

company processes

SAP Identity ManagementProduct description

8PUBLIC 2017 SAP SE or an SAP affiliate company. All rights reserved.

Enables the

efficient,

secure and

compliantexecution of business

processes

Key capabilities

Manage identities and

permissions

SAP Identity

Management

Ensures that the

right users have the

right access to the

right systems at the

right time

Consistent user

roles and

privileges

Across

all systems and applications

Holistic approach

9PUBLIC 2017 SAP SE or an SAP affiliate company. All rights reserved.

Use cases in the identity lifecycle

How long does it take for new

employees to receive all permissions

and become productive in their new

job?

Are permissions automatically

adjusted if someone is promoted

to a new position?

Who has adequate permissions

to fill in for a co-worker?How long does it take to remove ALL

permissions of an employee? And how

can you ensure that they were properly

removed?

How can you remove permissions

automatically if employees

change their position?

10PUBLIC 2017 SAP SE or an SAP affiliate company. All rights reserved.

Strengths of SAP Identity Management (1/2)

Centralized Identity Management and provisioning of user data and related permissions for the entire

heterogeneous company landscape both for SAP and non-SAP applications

Fully automated synchronization and lifecycle of

employee identities integrated with SAP HCM and

SuccessFactors

Integration with SAP Business Suite

Optional integration with SAP Access Control for

exemplary compliancy and auditability

IT systems connectivity and IT user provisioning

Many SAP and non-SAP connectors from SAP at no extra

cost and exemplary support for business applications

Additional non-SAP connectors are available via partners

(separate pricing by partner)

Connector Development Kit and Virtual Directory Server

SAP SCM

SAP ERP HCM

SAP ERP

Java Database

Legacy

OS

Lotus Notes

MS Exchange

SAP applications Non-SAP applications

SAP Identity Management

SAP Access

Control

SAP SuccessFactors

Web Apps

SAP HANA

Portal

Active Directory

11PUBLIC 2017 SAP SE or an SAP affiliate company. All rights reserved.

Strengths of SAP Identity Management (2/2)

SAP IdM offers flexible and highly configurable

comprehensive workflows including a visual designer tool

As a highly functional central place for access request it

supports all the most important scenarios

Self-service capabilities for user related data and fully

automated user provisioning with no manual steps lowers

the burden on IT and the call center and increases the

ROI

It manages multiple and complex hierarchies of business

roles

SAP IdM is equipped with strong capabilities for reporting

SAP IdM is built on highly scalable platforms

SAP is a strategic software partner

12PUBLIC 2017 SAP SE or an SAP affiliate company. All rights reserved.

SAP Identity Management Connectivity Overview

Technical

Other + Partner

Business Applications

Directory Servers

Databases

SAP HANA Database

SAP ASE (Sybase)

Microsoft SQL Server

Microsoft Access

Oracle database

IBM UDB (DB2)

MySQL

Microsoft Active Directory

IBM Tivoli Directory

Nov