2. Why worry about SAP® data security? Your greatest threats may be from insiders! According to the ACFE’s 2010 Report to the Nations on Occupational Fraud and Abuse, based on global data, organizations lose about 5% of annual revenue to fraud. Association of Certified Fraud Examiners www.acfe.com Schemes can go undetected for years and frequently involve first-time offenders. Are you protected?
3. Is your security on the “Honor System”? Procedures, protocols, segregation of duties alone won’t prevent fraud - unless ENFORCED by security “checkpoints” where a user MUST prove their identity to SAP®. Increased granularity of checkpoints is one way of increasing security. Increased sophistication of authentication methods at the checkpoints is the 2nd way of increasing security.
4. 2 Ways To Increase Data Security: [Chart: axes "Granularity of data checkpoints" and "Sophistication of authentication mechanism"; label "Maximum Security"]
5. How To Increase SAP® Data Security: [Chart] Checkpoint granularity: Log-on, Transaction, Infotype, Field, Button, Field Value, Dual Approval. Authentication: Passwords, Smart Cards, Biometric Recognition. High checkpoint granularity + Sophisticated authentication = Maximum Security
6. Bulletproof SAP® Data Security: [Chart] Checkpoint granularity: Log-on, Transaction, Infotype, Field, Button, Field Value, Dual Approval. Authentication: Passwords, Smart Cards, Fingerprints. Chart labels: Most SAP® Installations; Bulletproof SAP® Installations +
7. Pick Your Level of Checkpoint Granularity: Level I: SAP Logon; Level II: Transactions; Level III: Any Field; Level IV: Exceeding Values; Level V: Dual Confirmation. Choose your own method of authentication. All levels can be controlled using passwords, smart cards or fingerprint scans!
8. Example – Masking Field Data: Result: Multiple Checkpoints by User Log-on to a Profile (e.g. Admin); Transactions (e.g. HR / PO / Finance); Infotypes (e.g. 008/167 etc.); Buttons (e.g. Print / Export / Execute); Display (e.g. Balance Sheet); Execute (e.g. prevent execution of anything…); Tables within SE16/SE16N; Programs within SE38; Values (e.g. wire transfer over a certain amount); Screens (e.g. export control / ITAR); Dual Authentication; Mask Fields (e.g. make data invisible)
9. What can a checkpoint control? Purchasing: Do you want better control of who authorized expenditures? Set a maximum on P.O. value? Finance: Do you want to place financial limits on a user’s credentials? How about dual approval on high dollar transactions? Restrict viewing of Income Statement or Balance Sheet? Operations: Need to protect the secrecy of a bill of materials or other intellectual property? Protect customer master? Human Resources: Do you want to control access to private HR data? Robust audit trail of a user’s SAP® activities? Executives: Are you looking for a plausible SOX alibi for your activities viewing/changing financial data? Marketing: Protect sensitive research data? What is your secure issue?
10. Sample Success Stories - Government agency achieves compliance with HIPAA by protecting private employee / HR info. Pharmaceutical user controls purchasing approvals by automating workflow with external browser access for senior executives. International bank prevents fraud with dual authentication and strong financial controls, masking data from unauthorized viewing. School Board prevents payroll and personal expense fraud which had gone undetected for years. Nuclear plant protects all purchase orders and workflow for several thousand users.
11. Find out how you can achieve Bulletproof SAP® Data Security! For a demo or pilot installation, call: 1-877-bioLock. realtime North America, Inc., WORLD TRADE CENTER, 1101 Channelside Drive, Tampa, FL 33602. T: 813-283-0070, F: 813-283-0071, www.biolock.us. Guillermo Alvarez Echauri, Mexico & LA Director, guillermo@realtimemexico.com