Data Security and Data Privacy
Natuvion Webcast (8) – SAP RAL - Read Access Logging
Natuvion GmbH – 09.2017
AGENDA
Natuvion
Webcast Series Data Security and Data Privacy
SAP RAL Read Access Logging
SAP RAL Configuration and Application
SAP RAL Introduction and Costs
Contact
BERLIN 30.11.2016 – Patric Dahse NATUVION 2
Since 2014, NATUVION has supported customers with its experience and expertise in digitalization
Natuvion – Your specialist for the implementation and requirements of the GDPR

Founded in 2014 as an owner-managed consulting company specializing in utilities, transformation and security
Office locations: Walldorf, Berlin, München, Vienna (AT), Philadelphia (US)
Company size: > 55 employees
Expertise of consultants: > 75 % SAP certified & Ø 12 years Utilities and SAP
SAP Gold Partner
SAP Recognized Expertise in Utilities
SAP Landscape Transformation
Long-term partner of the largest energy suppliers in Germany

Services / Skills
▪ Strategic IT-Management
▪ IT Consulting for Utilities Industry
▪ SAP Transformation & Data Services
▪ SAP Security & Data Privacy / Protection
▪ Business Intelligence / Analytics

Natuvion Group

Success Factors
▪ In-depth experience in implementation of GDPR requirements
▪ Strategic partnership with SAP Data Protection and Privacy Development Teams – ILM / IRF / Consent
▪ Close & long-term partnership with IT / data protection law experts
▪ Complete understanding of the processes and requirements from a business, IT and data privacy perspective
▪ Own certified solutions specifically for consistent data erasure, information and anonymization
▪ Designated data protection and privacy expertise (solutions)
▪ Designated Transformation expertise

Relevant References
▪ Conception & introduction of anonymization (IS-U / CRM)
▪ Group-wide roll-out of a system anonymization (CRM / IS-U / ERP / HCM)
▪ Selective data deletion (IS-U / CRM / ERP / BW)
▪ Deletion concept of GDPR (SAP System landscape)
▪ IT and process concept conformity of affected persons rights according to GDPR (Information and Transparency)
▪ System and data decommissioning with SAP ILM
▪ Concept and implementation information (SAP IRF)

Data Security and Data Privacy in SAP - Data Anonymization
Natuvion Webcasts
Overview of the webcast series Data Security and Data Privacy
The webcast series "Data Privacy and Protection in SAP" offers an outstanding overview of the actions and implementation possibilities in accordance with the EU-GDPR.
▪ Webcast 1 (1 hr.): EU-GDPR Onboarding. Legal overview and basic structuring of the fields of action (1 hour)
▪ Webcast 2 (45 min.): Deletion of Existing Historical Data. Consistent deletion of mass data in SAP system landscapes (30 minutes)
▪ Webcast 3 (45 min.): Simple Blocking and Deletion. Overview and experiences with the introduction of SAP Information Lifecycle Management (30 minutes)
▪ Webcast 4 (45 min.): Anonymization / Pseudonymization. Background, challenges and implementation of a GDPR compliant anonymization
▪ Webcast 5 (30 min.): Data Reporting / Transparency. GDPR compliant data transfer from conception to implementation - SAP IRF
▪ Webcast 6 (45 min.): Consent / Approval. GDPR compliant approval concept and introduction – SAP CONSENT
▪ Webcast 7 (45 min.): Privacy Impact Assessment. How can PIAs be implemented and continue to exist?
▪ Webcast 8 (30 min.): Access Monitoring of Sensitive Data. Access monitoring of personal data powered by SAP Read Access Logging
Data Security and Data Privacy in SAP - Read Access Logging
Read Access Logging
What is SAP Read Access Logging
The Read Access Logging Framework (RAL) allows you to monitor and log access to sensitive data / fields within SAP system landscapes. Monitoring can be performed on different levels and input channels. Access to the user interfaces as well as services and function / program calls can be monitored. Monitoring is configured at the field level.
The result of the monitoring can be viewed either in the function view (monitoring) or in further applications (Threat Detection / own alarm mechanisms and evaluations).
Read Access Logging
Industry use cases
Use Case: Health Care Industry
In a clinic, treatment information of a public figure is stolen and offered to the public for purchase (e.g. a Formula 1 star). The Data Protection Office is asked to investigate this case.

Use Case: Banking Industry
Within a bank, there is suspicion of internal trading. The Data Protection Officer is commissioned with investigating the suspicion.

Use Case: Utilities Industry
A customer of a power supply company complained to a data protection officer about the customer service. The customer's data was used by a different power supplier for direct addressing / solicitation.

▪ Compliance with data protection regulations
▪ Compliance with industry standards (e.g. Basel for the banking sector)
▪ Access control to classified or other sensitive data (such as information on company assets or salary data)
Read Access Logging
Overview SAP Read Access Logging
Why RAL
▪ Who had access to specific data (e.g. a bank account)
▪ Who had access to personal data (e.g. business partner)
▪ Which employee had access to special personal data (e.g. religion)
▪ Who is looking for specific persons (e.g. VIPs)
▪ Are there patterns of regular and / or similar search queries / accesses (e.g. repeatedly calling the same bank account)

What can RAL do?
▪ Monitoring of RFC based communication (sRFC, aRFC, tRFC, qRFC, bgRFC)
▪ Monitoring of Web Dynpro-based user interfaces
▪ Monitoring of screen UI elements and ALV Grid based user interfaces
▪ Monitoring of web service based communication
▪ Content filtering based on conditions / users / channels...
▪ Grouping (Purpose Assignment)

Results
▪ Overview of the accesses to the monitored data fields per data channel and per access
▪ Information about the user
▪ Information about the access path (screen / transaction / program / functions ...)
▪ Technical information about the user (terminal, IP, time)
▪ Information about the contents of the displayed fields
▪ Possibility of limited storage / archiving / deletion
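
The questions under "Why RAL" (repeated access to the same bank account, lookups of specific persons) can be answered by evaluating the result fields listed above. The following is an added example, not part of the original slides and not SAP code: the CSV layout, column names, users, access paths and values are constructed and do not reproduce the real RAL log format.

```python
"""Evaluate read-access records for the patterns listed under "Why RAL".

Constructed example: the CSV layout and every value below are made up for
illustration. The columns mirror the result fields named on the slide
(user, access path, terminal, IP, time, field content); this is NOT the
real SAP RAL log schema or export format.
"""
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (hypothetical users, paths, partners, accounts).
SAMPLE_LOG = """\
timestamp,user,channel,access_path,terminal,ip,field,value
2017-09-04T08:01:10,CLERK01,Dynpro,ZDEMO_ACCT,WS-0101,10.0.0.11,BANK_ACCOUNT,ACCT-0001
2017-09-04T08:03:42,CLERK02,Web Dynpro,ZDEMO_BP,WS-0102,10.0.0.12,PARTNER,BP-1000007
2017-09-04T08:09:30,CLERK01,Dynpro,ZDEMO_ACCT,WS-0101,10.0.0.11,BANK_ACCOUNT,ACCT-0001
2017-09-04T08:15:05,CLERK01,Dynpro,ZDEMO_ACCT,WS-0101,10.0.0.11,BANK_ACCOUNT,ACCT-0001
2017-09-04T08:20:00,CLERK02,Dynpro,ZDEMO_ACCT,WS-0102,10.0.0.12,BANK_ACCOUNT,ACCT-0001
2017-09-04T08:27:50,CLERK01,Dynpro,ZDEMO_ACCT,WS-0101,10.0.0.11,BANK_ACCOUNT,ACCT-0001
2017-09-04T09:40:00,CLERK03,RFC,Z_DEMO_PARTNER_READ,WS-0103,10.0.0.13,PARTNER,BP-1000042
2017-09-04T11:00:00,CLERK02,Dynpro,ZDEMO_ACCT,WS-0102,10.0.0.12,BANK_ACCOUNT,ACCT-0002
2017-09-04T15:30:00,CLERK02,Dynpro,ZDEMO_ACCT,WS-0102,10.0.0.12,BANK_ACCOUNT,ACCT-0002
2017-09-05T09:00:00,CLERK02,Dynpro,ZDEMO_ACCT,WS-0102,10.0.0.12,BANK_ACCOUNT,ACCT-0002
2017-09-05T10:00:00,CLERK01,Dynpro,ZDEMO_ACCT,WS-0101,10.0.0.11,BANK_ACCOUNT,ACCT-0001
"""


def parse_records(text):
    """Parse the constructed CSV into dicts with a real datetime."""
    records = []
    for row in csv.DictReader(io.StringIO(text)):
        row["timestamp"] = datetime.fromisoformat(row["timestamp"])
        records.append(row)
    return records


def repeated_reads(records, field, threshold=3, window=timedelta(hours=1)):
    """Flag (user, value) pairs read at least `threshold` times in `window`.

    A sliding window is used so that three reads spread over two days do
    not count the same as three reads within a few minutes.
    """
    times_by_key = defaultdict(list)
    for rec in records:
        if rec["field"] == field:
            times_by_key[(rec["user"], rec["value"])].append(rec["timestamp"])

    findings = []
    for (user, value), times in times_by_key.items():
        times.sort()
        best, start = 0, 0
        for end in range(len(times)):
            # Shrink the window from the left until it spans <= `window`.
            while times[end] - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            findings.append({"user": user, "value": value, "max_in_window": best})
    return sorted(findings, key=lambda f: (f["user"], f["value"]))


def watched_reads(records, field, watchlist):
    """Return who read a watched value (e.g. a VIP partner), and how."""
    hits = [r for r in records if r["field"] == field and r["value"] in watchlist]
    hits.sort(key=lambda r: r["timestamp"])
    return [(r["user"], r["value"], r["channel"], r["access_path"], r["ip"])
            for r in hits]


if __name__ == "__main__":
    recs = parse_records(SAMPLE_LOG)
    for finding in repeated_reads(recs, "BANK_ACCOUNT"):
        print("repeated read:", finding)
    for hit in watched_reads(recs, "PARTNER", {"BP-1000042"}):
        print("watched partner read:", hit)
```
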
System Demo
Read Access Logging - Configuration and Application
[Demo diagram labels: Selection, Transformation, User View, Administration View, Dynpro / Web-Dynpro, Services, Functions, Programs, REC markers]
Introduction - Read Access Logging
The solution can be implemented within a short time.
Typical Phases During Implementation
Conception | Configuration | Individualization | Roll-Out | Support
Scope | Test Environment | Tailoring your solution | Start Regular Business | Support
▪ Presentation of the functionalities of SAP RAL to the department (IT)
▪ Collection of relevant processes, transactions, programs and user groups
▪ Definition of data protection measures according to GDPR
▪ Automated DDIC relationship analysis (search of target fields / data)
▪ Activation SAP RAL
▪ In addition: delivery of template(s)
▪ Customizing and technical testing of SAP RAL on the basis of the concept specifications
▪ View additional functions
▪ Protocol storage and evaluation
▪ Integration into other applications (Threat Detection)
▪ Refinement of logging (filter / conditions)
▪ Customizing distribution / master client
▪ Permissions
▪ Final function test
▪ Training / Documentation
▪ Handover to business
▪ Maintenance
▪ Result archiving
▪ Development / Roll-Out
Project Run Time: 10 – 24 Weeks | 12 – 24 Months
SAP Read Access Logging
Tasks and efforts during implementation
RAL offers consistent and comprehensive access control
Indicative project planning and effort assessment [1]
[Project plan chart over columns 01 to 05; rows: (I) Conception / Preparation, (II) Realization, (III) Roll-Out Q-System, (IV) Roll-Out P-System, (**) Operations & Monitoring]

Work Package                            Effort Bus.   Effort IT
(I) Conception / Preparation [1/2/3]    15 MD         15 MD
(II) Realization RAL [4]                20 MD         35 MD
(III) Roll-Out Q-System                 10 MD         10 MD
(IV) Roll-Out P-System                  15 MD         10 MD
Total Effort                            60 MD         70 MD

[1] Experiences from reference projects
[2] System in scope SAP ERP / CRM (pbD)
[3] Additional external auditing (optional)
[4] Plus additional licence costs

Task Levels
Level 1
• Conception and analysis based on the present system landscape
• Creation of a phase plan and specification of realization costs
• Coordination and consideration of data protection requirements
Level 2
• Realization of the conceived monitoring channels, processes, authorizations and conditions
• Function test and performance test (including test automation)
Level 3
• Roll-out and test of the configuration as well as the developments / extensions on the productive system chain (quality system)
Level 4
• Roll-out and operation of the configuration as well as the developments / extensions on the productive system chain (production)
Services provided by Natuvion in the context of access control with SAP RAL
▪ Conception (Scope & Analysis)
▪ Proof of Concept (2 Processes - 10 MD)
▪ Full Realization (incl. Maintenance)
▪ Quality Assurance (Audit, Training, QS)
Natuvion GmbH
Altrottstraße 31 | 69190 Walldorf
Fon +49 6227 73-1400
Fax +49 6227 73-1410
www.natuvion.com
We look forward to answering any of your questions!
Patric Dahse
Managing Director
Tel: +49 151 171 357 02
E-Mail: patric.dahse@natuvion.com
18 Data Security und Data Privacy in SAP - Read Access Logging

More Related Content

Similar to Webcast Security No. 8 - Read Access Logging (RAL)

Logicalis Backup as a Service: Re-defining Data Protection
Logicalis Backup as a Service: Re-defining Data ProtectionLogicalis Backup as a Service: Re-defining Data Protection
Logicalis Backup as a Service: Re-defining Data Protection
Logicalis Australia
 

Similar to Webcast Security No. 8 - Read Access Logging (RAL) (20)

SAP Data Hub – What is it, and what’s new? (Sefan Linders)
SAP Data Hub – What is it, and what’s new? (Sefan Linders)SAP Data Hub – What is it, and what’s new? (Sefan Linders)
SAP Data Hub – What is it, and what’s new? (Sefan Linders)
 
SAP Leonardo succeeding with industrial iot
SAP Leonardo succeeding with industrial iotSAP Leonardo succeeding with industrial iot
SAP Leonardo succeeding with industrial iot
 
Sap ilm detailed presentation
Sap ilm detailed presentationSap ilm detailed presentation
Sap ilm detailed presentation
 
SAP BTP Enablement
SAP BTP EnablementSAP BTP Enablement
SAP BTP Enablement
 
Splunk for IT Operations
Splunk for IT OperationsSplunk for IT Operations
Splunk for IT Operations
 
Cut your costs: Deactivate inactive users & reduce sap license fees. [Webinar]
Cut your costs: Deactivate inactive users & reduce sap license fees. [Webinar]Cut your costs: Deactivate inactive users & reduce sap license fees. [Webinar]
Cut your costs: Deactivate inactive users & reduce sap license fees. [Webinar]
 
sapilmdetailedpresentationdetaileds.pptx
sapilmdetailedpresentationdetaileds.pptxsapilmdetailedpresentationdetaileds.pptx
sapilmdetailedpresentationdetaileds.pptx
 
The SAP Startup Focus Program – Tackling Big Data With the Power of Small by ...
The SAP Startup Focus Program – Tackling Big Data With the Power of Small by ...The SAP Startup Focus Program – Tackling Big Data With the Power of Small by ...
The SAP Startup Focus Program – Tackling Big Data With the Power of Small by ...
 
SplunkLive! Amsterdam 2015 - IT Ops breakout
SplunkLive! Amsterdam 2015 - IT Ops breakoutSplunkLive! Amsterdam 2015 - IT Ops breakout
SplunkLive! Amsterdam 2015 - IT Ops breakout
 
ASUG SAPPHIRENOW 2017 - SAP Leonardo Internet of Things - Briefing Book
ASUG SAPPHIRENOW 2017 - SAP Leonardo Internet of Things - Briefing BookASUG SAPPHIRENOW 2017 - SAP Leonardo Internet of Things - Briefing Book
ASUG SAPPHIRENOW 2017 - SAP Leonardo Internet of Things - Briefing Book
 
Denodo Platform 7.0: What's New?
Denodo Platform 7.0: What's New?Denodo Platform 7.0: What's New?
Denodo Platform 7.0: What's New?
 
Logicalis Backup as a Service: Re-defining Data Protection
Logicalis Backup as a Service: Re-defining Data ProtectionLogicalis Backup as a Service: Re-defining Data Protection
Logicalis Backup as a Service: Re-defining Data Protection
 
A "First Time Right" Start with Data Virtualization by Bart De Groeve, Practi...
A "First Time Right" Start with Data Virtualization by Bart De Groeve, Practi...A "First Time Right" Start with Data Virtualization by Bart De Groeve, Practi...
A "First Time Right" Start with Data Virtualization by Bart De Groeve, Practi...
 
SAP Dynamic Authorization Management
SAP Dynamic Authorization Management SAP Dynamic Authorization Management
SAP Dynamic Authorization Management
 
World of Watson 2016 - Data lake or Data Swamp
World of Watson 2016 - Data lake or Data SwampWorld of Watson 2016 - Data lake or Data Swamp
World of Watson 2016 - Data lake or Data Swamp
 
SAP on pay as you go model
SAP on pay as you go modelSAP on pay as you go model
SAP on pay as you go model
 
Data Security and Data Privacy – EU-GDPR Fields of Action
Data Security and Data Privacy – EU-GDPR Fields of ActionData Security and Data Privacy – EU-GDPR Fields of Action
Data Security and Data Privacy – EU-GDPR Fields of Action
 
ASUG Virginia Chapter meeting 10.3.14 agenda
ASUG Virginia Chapter meeting   10.3.14 agendaASUG Virginia Chapter meeting   10.3.14 agenda
ASUG Virginia Chapter meeting 10.3.14 agenda
 
When SAP alone is not enough
When SAP alone is not enoughWhen SAP alone is not enough
When SAP alone is not enough
 
MongoDB IoT City Tour EINDHOVEN: Analysing the Internet of Things: Davy Nys, ...
MongoDB IoT City Tour EINDHOVEN: Analysing the Internet of Things: Davy Nys, ...MongoDB IoT City Tour EINDHOVEN: Analysing the Internet of Things: Davy Nys, ...
MongoDB IoT City Tour EINDHOVEN: Analysing the Internet of Things: Davy Nys, ...
 

More from Patric Dahse

Russian: Webcast Security Anonymization (TDA)
Russian: Webcast Security Anonymization (TDA)Russian: Webcast Security Anonymization (TDA)
Russian: Webcast Security Anonymization (TDA)
Patric Dahse
 

More from Patric Dahse (20)

SAP Cloud for Energy Webinar Series Part 1
SAP Cloud for Energy Webinar Series Part 1SAP Cloud for Energy Webinar Series Part 1
SAP Cloud for Energy Webinar Series Part 1
 
Webcast DSGVO im bw
Webcast DSGVO im bwWebcast DSGVO im bw
Webcast DSGVO im bw
 
Webinar mit TakeASP: Ent-personalisierung
Webinar mit TakeASP: Ent-personalisierungWebinar mit TakeASP: Ent-personalisierung
Webinar mit TakeASP: Ent-personalisierung
 
Ent-Personalisierung von IT Systemen (Anonymisierung & Pseudonymisierung)
Ent-Personalisierung von IT Systemen (Anonymisierung & Pseudonymisierung)Ent-Personalisierung von IT Systemen (Anonymisierung & Pseudonymisierung)
Ent-Personalisierung von IT Systemen (Anonymisierung & Pseudonymisierung)
 
Wie laufen Prozesse im Unternehmen wirklich ab? Wie wird der Einkauf gelebt?
Wie laufen Prozesse im Unternehmen wirklich ab? Wie wird der Einkauf gelebt? Wie laufen Prozesse im Unternehmen wirklich ab? Wie wird der Einkauf gelebt?
Wie laufen Prozesse im Unternehmen wirklich ab? Wie wird der Einkauf gelebt?
 
Steigern Sie Ihre Prozessexzellenz mit Celonis Process Mining
Steigern Sie Ihre Prozessexzellenz mit Celonis Process MiningSteigern Sie Ihre Prozessexzellenz mit Celonis Process Mining
Steigern Sie Ihre Prozessexzellenz mit Celonis Process Mining
 
UI-basierte Datenschutz | SAP UI Logging & Masking (Deutsch)
UI-basierte Datenschutz | SAP UI Logging & Masking (Deutsch)UI-basierte Datenschutz | SAP UI Logging & Masking (Deutsch)
UI-basierte Datenschutz | SAP UI Logging & Masking (Deutsch)
 
Data Security und Data Privacy: Read Access Logging
Data Security und Data Privacy: Read Access LoggingData Security und Data Privacy: Read Access Logging
Data Security und Data Privacy: Read Access Logging
 
Russian: Webcast Security Anonymization (TDA)
Russian: Webcast Security Anonymization (TDA)Russian: Webcast Security Anonymization (TDA)
Russian: Webcast Security Anonymization (TDA)
 
Webcast Security & Data Privacy: Anonymization
Webcast Security & Data Privacy: AnonymizationWebcast Security & Data Privacy: Anonymization
Webcast Security & Data Privacy: Anonymization
 
Doing Business in Europe? GDPR: What you need to know and do
Doing Business in Europe? GDPR: What you need to know and doDoing Business in Europe? GDPR: What you need to know and do
Doing Business in Europe? GDPR: What you need to know and do
 
How is GDPR relevant for US companies
How is GDPR relevant for US companies How is GDPR relevant for US companies
How is GDPR relevant for US companies
 
Webcast Nr. 3 - Java Entwicklung mit der SAP Cloud Platform
Webcast Nr. 3 - Java Entwicklung mit der SAP Cloud PlatformWebcast Nr. 3 - Java Entwicklung mit der SAP Cloud Platform
Webcast Nr. 3 - Java Entwicklung mit der SAP Cloud Platform
 
Webcast SAP Cloud Platform 2 - Developing Tools
Webcast SAP Cloud Platform 2 - Developing ToolsWebcast SAP Cloud Platform 2 - Developing Tools
Webcast SAP Cloud Platform 2 - Developing Tools
 
Webcast SAP Cloud Platform No. 1: On-Boarding
Webcast SAP Cloud Platform No. 1: On-BoardingWebcast SAP Cloud Platform No. 1: On-Boarding
Webcast SAP Cloud Platform No. 1: On-Boarding
 
Einfaches Sperren und Löschen / SAP Information LifeCycle Management
Einfaches Sperren und Löschen / SAP Information LifeCycle ManagementEinfaches Sperren und Löschen / SAP Information LifeCycle Management
Einfaches Sperren und Löschen / SAP Information LifeCycle Management
 
Neue umsatzsteuerliche Berechnungsgrundlage des Gemeinderabatts
Neue umsatzsteuerliche Berechnungsgrundlage des GemeinderabattsNeue umsatzsteuerliche Berechnungsgrundlage des Gemeinderabatts
Neue umsatzsteuerliche Berechnungsgrundlage des Gemeinderabatts
 
Abrechnungsprozesse im wettbewerblichen Meßstellenbetrieb
Abrechnungsprozesse im wettbewerblichen MeßstellenbetriebAbrechnungsprozesse im wettbewerblichen Meßstellenbetrieb
Abrechnungsprozesse im wettbewerblichen Meßstellenbetrieb
 
Abrechnung von nonCommodity-Produkten
Abrechnung von nonCommodity-ProduktenAbrechnung von nonCommodity-Produkten
Abrechnung von nonCommodity-Produkten
 
Data Security und Data Privacy – Auskunft
Data Security und Data Privacy – Auskunft Data Security und Data Privacy – Auskunft
Data Security und Data Privacy – Auskunft
 

Recently uploaded

一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单
ewymefz
 
Professional Data Engineer Certification Exam Guide  _  Learn  _  Google Clou...
Professional Data Engineer Certification Exam Guide  _  Learn  _  Google Clou...Professional Data Engineer Certification Exam Guide  _  Learn  _  Google Clou...
Professional Data Engineer Certification Exam Guide  _  Learn  _  Google Clou...
Domenico Conte
 
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
ukgaet
 
一比一原版(RUG毕业证)格罗宁根大学毕业证成绩单
一比一原版(RUG毕业证)格罗宁根大学毕业证成绩单一比一原版(RUG毕业证)格罗宁根大学毕业证成绩单
一比一原版(RUG毕业证)格罗宁根大学毕业证成绩单
vcaxypu
 
一比一原版(QU毕业证)皇后大学毕业证成绩单
一比一原版(QU毕业证)皇后大学毕业证成绩单一比一原版(QU毕业证)皇后大学毕业证成绩单
一比一原版(QU毕业证)皇后大学毕业证成绩单
enxupq
 
Investigate & Recover / StarCompliance.io / Crypto_Crimes
Investigate & Recover / StarCompliance.io / Crypto_CrimesInvestigate & Recover / StarCompliance.io / Crypto_Crimes
Investigate & Recover / StarCompliance.io / Crypto_Crimes
StarCompliance.io
 
一比一原版(UPenn毕业证)宾夕法尼亚大学毕业证成绩单
一比一原版(UPenn毕业证)宾夕法尼亚大学毕业证成绩单一比一原版(UPenn毕业证)宾夕法尼亚大学毕业证成绩单
一比一原版(UPenn毕业证)宾夕法尼亚大学毕业证成绩单
ewymefz
 
一比一原版(NYU毕业证)纽约大学毕业证成绩单
一比一原版(NYU毕业证)纽约大学毕业证成绩单一比一原版(NYU毕业证)纽约大学毕业证成绩单
一比一原版(NYU毕业证)纽约大学毕业证成绩单
ewymefz
 
Opendatabay - Open Data Marketplace.pptx
Opendatabay - Open Data Marketplace.pptxOpendatabay - Open Data Marketplace.pptx
Opendatabay - Open Data Marketplace.pptx
Opendatabay
 
一比一原版(ArtEZ毕业证)ArtEZ艺术学院毕业证成绩单
一比一原版(ArtEZ毕业证)ArtEZ艺术学院毕业证成绩单一比一原版(ArtEZ毕业证)ArtEZ艺术学院毕业证成绩单
一比一原版(ArtEZ毕业证)ArtEZ艺术学院毕业证成绩单
vcaxypu
 
一比一原版(CBU毕业证)卡普顿大学毕业证成绩单
一比一原版(CBU毕业证)卡普顿大学毕业证成绩单一比一原版(CBU毕业证)卡普顿大学毕业证成绩单
一比一原版(CBU毕业证)卡普顿大学毕业证成绩单
nscud
 

Recently uploaded (20)

Supply chain analytics to combat the effects of Ukraine-Russia-conflict
Supply chain analytics to combat the effects of Ukraine-Russia-conflictSupply chain analytics to combat the effects of Ukraine-Russia-conflict
Supply chain analytics to combat the effects of Ukraine-Russia-conflict
 
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单
 
Professional Data Engineer Certification Exam Guide  _  Learn  _  Google Clou...
Professional Data Engineer Certification Exam Guide  _  Learn  _  Google Clou...Professional Data Engineer Certification Exam Guide  _  Learn  _  Google Clou...
Professional Data Engineer Certification Exam Guide  _  Learn  _  Google Clou...
 
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
一比一原版(UVic毕业证)维多利亚大学毕业证成绩单
 
一比一原版(RUG毕业证)格罗宁根大学毕业证成绩单
一比一原版(RUG毕业证)格罗宁根大学毕业证成绩单一比一原版(RUG毕业证)格罗宁根大学毕业证成绩单
一比一原版(RUG毕业证)格罗宁根大学毕业证成绩单
 
一比一原版(QU毕业证)皇后大学毕业证成绩单
一比一原版(QU毕业证)皇后大学毕业证成绩单一比一原版(QU毕业证)皇后大学毕业证成绩单
一比一原版(QU毕业证)皇后大学毕业证成绩单
 
Q1’2024 Update: MYCI’s Leap Year Rebound
Q1’2024 Update: MYCI’s Leap Year ReboundQ1’2024 Update: MYCI’s Leap Year Rebound
Q1’2024 Update: MYCI’s Leap Year Rebound
 
How can I successfully sell my pi coins in Philippines?
How can I successfully sell my pi coins in Philippines?How can I successfully sell my pi coins in Philippines?
How can I successfully sell my pi coins in Philippines?
 
Uber Ride Supply Demand Gap Analysis Report
Uber Ride Supply Demand Gap Analysis ReportUber Ride Supply Demand Gap Analysis Report
Uber Ride Supply Demand Gap Analysis Report
 
Criminal IP - Threat Hunting Webinar.pdf
Criminal IP - Threat Hunting Webinar.pdfCriminal IP - Threat Hunting Webinar.pdf
Criminal IP - Threat Hunting Webinar.pdf
 
Investigate & Recover / StarCompliance.io / Crypto_Crimes
Investigate & Recover / StarCompliance.io / Crypto_CrimesInvestigate & Recover / StarCompliance.io / Crypto_Crimes
Investigate & Recover / StarCompliance.io / Crypto_Crimes
 
Webinar One View, Multiple Systems No-Code Integration of Salesforce and ERPs
Webinar One View, Multiple Systems No-Code Integration of Salesforce and ERPsWebinar One View, Multiple Systems No-Code Integration of Salesforce and ERPs
Webinar One View, Multiple Systems No-Code Integration of Salesforce and ERPs
 
一比一原版(UPenn毕业证)宾夕法尼亚大学毕业证成绩单
一比一原版(UPenn毕业证)宾夕法尼亚大学毕业证成绩单一比一原版(UPenn毕业证)宾夕法尼亚大学毕业证成绩单
一比一原版(UPenn毕业证)宾夕法尼亚大学毕业证成绩单
 
一比一原版(NYU毕业证)纽约大学毕业证成绩单
一比一原版(NYU毕业证)纽约大学毕业证成绩单一比一原版(NYU毕业证)纽约大学毕业证成绩单
一比一原版(NYU毕业证)纽约大学毕业证成绩单
 
社内勉強会資料_LLM Agents                              .
社内勉強会資料_LLM Agents                              .社内勉強会資料_LLM Agents                              .
社内勉強会資料_LLM Agents                              .
 
Opendatabay - Open Data Marketplace.pptx
Opendatabay - Open Data Marketplace.pptxOpendatabay - Open Data Marketplace.pptx
Opendatabay - Open Data Marketplace.pptx
 
Innovative Methods in Media and Communication Research by Sebastian Kubitschk...
Innovative Methods in Media and Communication Research by Sebastian Kubitschk...Innovative Methods in Media and Communication Research by Sebastian Kubitschk...
Innovative Methods in Media and Communication Research by Sebastian Kubitschk...
 
一比一原版(ArtEZ毕业证)ArtEZ艺术学院毕业证成绩单
一比一原版(ArtEZ毕业证)ArtEZ艺术学院毕业证成绩单一比一原版(ArtEZ毕业证)ArtEZ艺术学院毕业证成绩单
一比一原版(ArtEZ毕业证)ArtEZ艺术学院毕业证成绩单
 
Slip-and-fall Injuries: Top Workers' Comp Claims
Slip-and-fall Injuries: Top Workers' Comp ClaimsSlip-and-fall Injuries: Top Workers' Comp Claims
Slip-and-fall Injuries: Top Workers' Comp Claims
 
一比一原版(CBU毕业证)卡普顿大学毕业证成绩单
一比一原版(CBU毕业证)卡普顿大学毕业证成绩单一比一原版(CBU毕业证)卡普顿大学毕业证成绩单
一比一原版(CBU毕业证)卡普顿大学毕业证成绩单
 

Webcast Security No. 8 - Read Access Logging (RAL)

  • 1. Data Security and Data Privacy Natuvion Webcast (8) – SAP RAL - Read Access Logging Natuvion GmbH – 09.2017
  • 2. AGENDA Natuvion Webcast Series Data Security and Data Privacy SAP RAL Read Access Logging SAP RAL Configuration and Application SAP RAL Introduction and Costs Contact BERLIN 30.11.2016 – Patric Dahse NATUVION 2
  • 3. Since 2014, NATUVION supports customers with our experience and expertise in digitalization 3 Founded in 2014 as an owner-managed consulting company specializing in utilities, transformation and security Office locations: Walldorf, Berlin, München, Vienna(AT), Philadelphia(US) Company size: > 55 Employees Expertise of consultants: > 75 % SAP certified & Ø 12 years Utilities and SAP SAP Gold Partner SAP Recognized Expertise in Utilities SAP Landscape Transformation Long-term partner of the largest energy suppliers in Germany Services / Skills ▪ Strategic IT-Management ▪ IT Consulting for Utilities Industry ▪ SAP Transformation & Data Services ▪ SAP Security & Data Privacy / Protection ▪ Business Intelligence / Analytics Natuvion Group In-depth experience in implementation of GDPR requirements Strategic partnership with SAP Data Protection and Privacy Development Teams – ILM / IRF / Consent Close & long-term partnership with IT / data protection law experts Complete understanding of the processes and requirements from a business, IT and data privacy perspective Own certified solutions specifically for consistent data erasure, information and anonymization Designated data protection and privacy expertise (solutions) Designated Transformation expertise Success Factors Conception & introduction of anonymization (IS-U / CRM) Group-wide roll-out of a system anonymization (CRM / IS-U / ERP / HCM) Selective data deletion (IS-U / CRM / ERP / BW) Deletion concept of GDPR (SAP System landscape) IT and process concept conformity of affected persons rights according to GDPR (Information and Transparency) System and data decommissioning with SAP ILM Concept and implementation information (SAP IRF) Relevant References Natuvion – Your specialist for the implementation and requirements of the GDPR Data Security und Data Privacy in SAP - Datenanonymisierung
  • 4. AGENDA Natuvion Webcast Series Data Security and Data Privacy SAP RAL Read Access Logging SAP RAL Configuration and Application SAP RAL Introduction and Costs Contact BERLIN 30.11.2016 – Patric Dahse NATUVION 4
  • 5. Natuvion Webcasts Overview of the webcast series Data Privacy and Data Privacy 5 The webcast series "Data Privacy and Protection in SAP" offers an outstanding overview of the actions and implementation possibilities in accordance to the EU-GDPR. 8 30 Min. Access Monitoring of Sensitive Data Access monitoring of personal data powerd by SAP Read Access Logging Data Security und Data Privacy in SAP - Read Access Logging 1 1 hr. EU-GDPR Onboarding Legal overview and basic structuring of the fields of action (1 hour) 2 45 min. Deletion of Existing Historical Data Consistent deletion of mass data in SAP system landscapes (30 minutes) 3 45 min. Simple Blocking and Deletion Overview and experiences with the introduction of SAP Information Lifecycle Management (30 minutes) 4 45 min. Anonymization / Pseudonymization Background, challenges and implementation of a GDPR compliant anonymization 5 30 min. Data Reporting / Transparency GDPR compliant data transfer from conception to implementation - SAP IRF 6 45 min. Consent / Approval GDPR compliant approval concept and introduction – SAP CONSENT 7 45 Min. Privacy Impact Assessment How can PIAs be implemented and continue to exist?
  • 6. Natuvion Webcasts Overview of the webcast series Data Privacy and Data Privacy 6 The webcast series "Data Privacy and Protection in SAP" offers an outstanding overview of the actions and implementation possibilities in accordance to the EU-GDPR. 8 30 Min. Access Monitoring of Sensitive Data Access monitoring of personal data powerd by SAP Read Access Logging Data Security und Data Privacy in SAP - Read Access Logging 1 1 hr. EU-GDPR Onboarding Legal overview and basic structuring of the fields of action (1 hour) 2 45 min. Deletion of Existing Historical Data Consistent deletion of mass data in SAP system landscapes (30 minutes) 3 45 min. Simple Blocking and Deletion Overview and experiences with the introduction of SAP Information Lifecycle Management (30 minutes) 4 45 min. Anonymization / Pseudonymization Background, challenges and implementation of a GDPR compliant anonymization 5 30 min. Data Reporting / Transparency GDPR compliant data transfer from conception to implementation - SAP IRF 6 45 min. Consent / Approval GDPR compliant approval concept and introduction – SAP CONSENT 7 45 Min. Privacy Impact Assessment How can PIAs be implemented and continue to exist?
  • 7. AGENDA Natuvion Webcast Series Data Security and Data Privacy SAP RAL Read Access Logging SAP RAL Configuration and Application SAP RAL Introduction and Costs Contact BERLIN 30.11.2016 – Patric Dahse NATUVION 7
  • 8. Read Access Logging What is SAP Read Access Logging 8 The Read Access Logging Framework (RAL) allows you to monitor and log access to sensitive data / fields within SAP system landscapes. Monitoring can be performed on different levels and input channels. Access to the user interfaces as well as services and function / program calls can be monitored. The monitoring is to be configured at the field level. The result of the monitoring can be viewed either in the function view (monitoring) or in further applications (Threat Detection / own alarm mechanisms and evaluations). Data Security und Data Privacy in SAP - Read Access Logging
  • 9. Read Access Logging Industry use cases 9 In a clinic, treatment information of a public figure is stolen and offered to the public to purchase (eg: Formula 1 Star). The Data Protection Office is asked to investigate this case. Use Case: Health Care Industry Within a bank, there is suspicion of internal trading. The Data Protection Officer is commissioned with investigating the suspicion. A customer of a power supply company complained to a data protection officer about the customer service. The data of the customer was used by a different power supplier for direct addressing / solicitation. Use Case: Banking Industry Use Case: Utilities Industry Compliance with data protection regulations Compliance with industry standards (eg. Basel for the banking sector) Access control to classified or other sensitive data (such as information on company assets or salary data). Data Security und Data Privacy in SAP - Read Access Logging
  • 10. Read Access Logging: Overview SAP Read Access Logging
      Why RAL?
      ▪ Who had access to specific data (e.g. a bank account)
      ▪ Who had access to personal data (e.g. business partner)
      ▪ Which employee had access to special personal data (e.g. religion)
      ▪ Who is looking for specific persons (e.g. VIPs)
      ▪ Are there patterns of regular and / or similar search queries / accesses (e.g. repeatedly calling the same bank account)
      What can RAL do?
      ▪ Monitoring of RFC based communication (sRFC, aRFC, tRFC, qRFC, bgRFC)
      ▪ Monitoring of Web Dynpro-based user interfaces
      ▪ Monitoring of screen UI elements and ALV Grid based user interfaces
      ▪ Monitoring of web service based communication
      ▪ Content filtering based on conditions / users / channels...
      ▪ Grouping (Purpose Assignment)
      Results
      ▪ Overview of the accesses to the monitored data fields per data channel and per access
      ▪ Information about the user
      ▪ Information about the access path (screen / transaction / program / functions ...)
      ▪ Technical information about the user (terminal, IP, time)
      ▪ Information about the contents of the displayed fields
      ▪ Possibility of limited storage / archiving / deletion
  • 12. System Demo: Read Access Logging - Configuration and Application
      [Diagram labels: Selection; Transformation; User View; Administration View; REC; Dynpro / Web-Dynpro; Services, Functions, Programs]
  • 14. Introduction - Read Access Logging: The implementation of the solution can be done simply and within a short time.
      Typical Phases During Implementation: Conception, Configuration, Individualization, Roll-Out, Support
      Phase goals: Scope, Test Environment, Tailoring your solution, Start Regular Business, Support
      Project Run Time: 10 – 24 Weeks; 12 - 24 Months
      ▪ Presentation of the functionalities of SAP RAL to the department (IT)
      ▪ Collection of relevant process, transactions, programs and user groups
      ▪ Definition of data protection measures according to GDPR
      ▪ Automated DDIC relationship analysis (search of target fields / data)
      ▪ Activation SAP RAL
      ▪ In add.: Delivery of template(s)
      ▪ Customizing and technical testing of SAP RAL on the basis of the concept specifications
      ▪ View additional functions
      ▪ Protocol storage and evaluation
      ▪ Integration into other applications (Threat Detection)
      ▪ Refinement of logging (filter / conditions)
      ▪ Customizing distribution / master client
      ▪ Permissions
      ▪ Final function test
      ▪ Training / Documentation
      ▪ Handover to business
      ▪ Maintenance
      ▪ Result archiving
      ▪ Development / Roll-Out
  • 15. SAP Read Access Logging: Tasks and efforts during implementation
      RAL offers consistent and comprehensive access control
      [Timeline chart over periods 01 to 05: (I) Conception / Preparation; (II) Realization; (III) Roll-Out Q-System; (IV) Roll-Out P-System; (**) Operations & Monitoring]
      Indicative project planning and effort assessment [1]
      Work Package: Effort Bus. / Effort IT
      ▪ (I) Conception / Preparation [1][2][3]: 15 MD / 15 MD
      ▪ (II) Realization RAL [4]: 20 MD / 35 MD
      ▪ (III) Roll-Out Q-System: 10 MD / 10 MD
      ▪ (IV) Roll-Out P-System: 15 MD / 10 MD
      ▪ Total Effort: 60 MD / 70 MD
      [1] Experiences from reference projects
      [2] System in scope SAP ERP / CRM (pbD)
      [3] Add. external auditing (optional)
      [4] Also add. licence costs
      Task Levels (Level: Activities)
      ▪ 1: Conception and analysis based on the present system landscape; creation of a phase plan as well as concreting of realization costs; coordination and consideration of data protection requirements
      ▪ 2: Realization of the conceived monitoring channels, processes, authorizations and conditions; function test and performance test (including test automation)
      ▪ 3: Roll-out and test of the configuration as well as the developments / extensions on the productive system chain (quality system)
      ▪ 4: Roll-out and operation of the configuration as well as the developments / extensions on the productive system chain (production)
  • 16. Services provided by Natuvion in the context of access control with SAP RAL
      ▪ Conception (Scope & Analysis)
      ▪ Proof Of Concept (2 Processes - 10 MD)
      ▪ Full Realization (incl. Maintenance)
      ▪ Quality Assurance (Audit, Training, QS)
  • 18. We look forward to answering any of your questions!
      Natuvion GmbH, Altrottstraße 31 | 69190 Walldorf
      Fon +49 6227 73-1400, Fax +49 6227 73-1410
      www.natuvion.com
      Patric Dahse, Managing Director
      Tel: +49 151 171 357 02
      E-Mail: patric.dahse@natuvion.com