The only SAP ® -certified fingerprint authentication, identity and risk management for SAP ®  systems   Bulletproof SAP ® ...
<ul><li>Founded in 1986 by former SAP ®  managers </li></ul><ul><li>Certified software, services & special expertise partn...
Selected  realtime  clients 3M, AIRBUS, Alcan, BASF IT Services B.V., Bayer, Bayer CropScience, Brevard County Government,...
What were these users looking for? <ul><li>was developed to provide these benefits demanded by users: </li></ul><ul><li>Dr...
Is your system bulletproof? Standard Version + Bulletproof Version Bulletproof Protection Standard Protection
<ul><li>According to the ACFE’s  2010   Report to the Nations on  Occupational  Fraud and Abuse  ,  based on global data, ...
<ul><li>Risk of Financial  Fraud? </li></ul><ul><li>HIPAA  Compliance? </li></ul><ul><li>Sarbanes-Oxley   (Section 404)? <...
<ul><li>Financial loss?   </li></ul><ul><li>Negative publicity? </li></ul><ul><li>Lawsuits? </li></ul><ul><li>Loss of inte...
Are you still relying on this? User password SAP ®  Software <ul><li>Passwords are written down, borrowed, stolen, misused...
Fingerprint Scan = Maximum Security Biometric technology offers the highest security
How to Bulletproof your system: <ul><li>SAP ®  log-on profiles are enhanced with fingerprint  inter face </li></ul><ul><li...
What devices can verify user identity? Plus one of these …  (optional) + Potential Future Development
bioLock is compatible with over 80 laptops (with built-in fingerprint sensor) and over 50 independent devices like mice, k...
SAP ®  log-on & system access with Logon Logon authorized  Logon blocked  bioLock checks  authentication rules bioLock u...
5 Extra Levels of Security Existing SAP® Security Consists of Password Log-On <ul><li>“ Bulletproofing ” with  </li></ul><...
System Log-on Transaction Bulletproof Security requires 5 Levels Any Field Perimeter Security  - Level I Transactions  – L...
<ul><li>Log-on to a Profile  (e.g.  Admin) </li></ul><ul><li>Transactions  (e.g.  HR / PO / Finance)  </li></ul><ul><li>In...
bioLock  will always identify and log the uniquely authenticated, actual users – independent of their SAP User profiles <u...
Example: Who Has Access? Fraud is mostly committed  by stealing or cracking a  password to access profiles with critical, ...
<ul><li>Unaffected by SAP ®  versions or upgrades  </li></ul><ul><li>Existing SAP ®  passwords and authorizations are unch...
<ul><li>Only a minority of users are enrolled, depending on their security risk profile and management’s policies </li></u...
User logs on using their SAP User Profile and password Example – what a user sees… User is prompted for a fingerprint scan...
User selects the transaction “ME21N” to create a purchase order NOTE: This could be virtually any R/3 transaction such as ...
User attempts to look up Health Plan information under Infotype 167 Example – what a user sees… Infotype 167 (field level)...
<ul><li>Installation is done by simply downloading  bioLock  transports into its own  /realtime  namespace within SAP ® . ...
Log File Enhanced activity logging Sorted by error / threat category <ul><li>Audit trail is greatly enhanced </li></ul>Exa...
Sample Success Stories -  <ul><li>Achieve compliance with  HIPAA  by protecting private employee / HR information </li></u...
Benefits of  <ul><li>The entire installation and configuration of  bioLock  can be done quite rapidly. Only minimal traini...
bioLock is SAP certified - SAP ®  certified since 2002 Visit:   www.bioLock.us
realtime North America, Inc. WORLD TRADE CENTER 1101 Channelside Drive, Tampa, FL 33602 T: 813-283-0070  F: 813-283-0071  ...
Upcoming SlideShare
Loading in …5
×

biolock Presentation

1,210 views

Published on

Learn how to bulletproof your SAP® security. Dramatically increase control of your SAP® data, Stop insider fraud and restrict access...

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,210
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • bioLock is the first SAP certified biometric identity management system. bioLock has 3-level security protection: Level I - SAP Logon, Level II - Transactions, Level III - Data. bioLock will uniquely identify the “actual user” and log all activities. Sarbanes-Oxley Section 404 requires that companies develop strong internal controls to prevent and detect fraud. With over 20 ways to get access to passwords, fraud prevention cannot be accomplished. bioLock offers Internal Control and Audit departments not only the ability to prevent unauthorized access on all levels, but also to proof, who did what and when within the mySAP ERP System.
  • biolock Presentation

    1. 1. The only SAP ® -certified fingerprint authentication, identity and risk management for SAP ® systems Bulletproof SAP ® security at your fingertips! Marketing Overview © 2011 realtime North America Inc., Tampa, FL. All Rights Reserved.
    2. 2. <ul><li>Founded in 1986 by former SAP ® managers </li></ul><ul><li>Certified software, services & special expertise partner </li></ul><ul><li>Specializing in governance, risk and compliance (GRC) </li></ul><ul><li>Serving many industry sectors including food, </li></ul><ul><li>pharmaceutical, chemical, automotive, aerospace, </li></ul><ul><li>defense, engineering, government and more </li></ul><ul><li>Flagship software product, certified by SAP ® since 2002 is </li></ul><ul><li>Bulletproof SAP ® security at your fingertips! </li></ul>Who is realtime ?
    3. 3. Selected realtime clients 3M, AIRBUS, Alcan, BASF IT Services B.V., Bayer, Bayer CropScience, Brevard County Government, California State University, Campbell's, GlaxoSmithKline, Harman Kardon Music Group, Krupp Bilstein, Linde, Loewe Opta, Marathon Oil, Océ Document Technologies, Polk County School District, Purdue Pharma, Siemens, ThyssenKrupp Michigan, Toyota, United States Army… <ul><li>Over 200 global clients served! </li></ul>
    4. 4. What were these users looking for? <ul><li>was developed to provide these benefits demanded by users: </li></ul><ul><li>Dramatically increase SAP ® security capabilities </li></ul><ul><li>Manage user identities via indisputable biometrics </li></ul><ul><li>Control access to functions down to the field level </li></ul><ul><li>Enforce true Segregation of Duties (SoD) </li></ul><ul><li>Ensure meaningful compliance with: Sarbanes-Oxley, HIPAA, ITAR and more </li></ul>
    5. 5. Is your system bulletproof? Standard Version + Bulletproof Version Bulletproof Protection Standard Protection
    6. 6. <ul><li>According to the ACFE’s 2010 Report to the Nations on Occupational Fraud and Abuse , based on global data, organizations lose about 5% of annual revenue to fraud. </li></ul><ul><li>Schemes can go undetected for years and frequently involve first-time offenders. </li></ul><ul><li>Association of Certified Fraud Examiners www.acfe.com </li></ul>#1 Risk: Fraud is a growth industry
    7. 7. <ul><li>Risk of Financial Fraud? </li></ul><ul><li>HIPAA Compliance? </li></ul><ul><li>Sarbanes-Oxley (Section 404)? </li></ul><ul><li>ITAR ? </li></ul><ul><li>Industrial Espionage? </li></ul><ul><li>Other regulations? </li></ul>Are you concerned about…
    8. 8. <ul><li>Financial loss? </li></ul><ul><li>Negative publicity? </li></ul><ul><li>Lawsuits? </li></ul><ul><li>Loss of intellectual property? </li></ul><ul><li>Decline in stock price? </li></ul>How would an incident affect you?
    9. 9. Are you still relying on this? User password SAP ® Software <ul><li>Passwords are written down, borrowed, stolen, misused </li></ul><ul><li>Provides “perimeter” security but no additional layers! </li></ul><ul><li>Traditional SAP ® log-on process uses passwords </li></ul>
    10. 10. Fingerprint Scan = Maximum Security Biometric technology offers the highest security
    11. 11. How to Bulletproof your system: <ul><li>SAP ® log-on profiles are enhanced with fingerprint inter face </li></ul><ul><li>User is prompted via bioLock software as shown above </li></ul><ul><li>Various hardware devices can be used to securely scan </li></ul><ul><li>fingerprints - while protecting users’ privacy! </li></ul>X SAP ® Software Encrypted scan User’s fingerprint
    12. 12. What devices can verify user identity? Plus one of these … (optional) + Potential Future Development
    13. 13. bioLock is compatible with over 80 laptops (with built-in fingerprint sensor) and over 50 independent devices like mice, keyboards, or PCMCIA Cards. is hardware independent Cherry ID Mouse Convenient Touch Sensor bioLock ID Mouse Powered by Secugen Leading Laptops 23% have Swipe Sensors Secugen Hamster FIPS 201 Compliant UPEK Eikon Low-cost Device Cherry Keyboard Smart Card Option Zvetco P5000 High End Device
    14. 14. SAP ® log-on & system access with Logon Logon authorized  Logon blocked  bioLock checks authentication rules bioLock user/ function bioLock prompts you for fingerprint Fingerprint comparison with table bioLock templates bioLock identifies unique points (minutiae) within a fingerprint and creates an encrypted, digital template – no images of fingerprints are ever stored! Note:
    15. 15. 5 Extra Levels of Security Existing SAP® Security Consists of Password Log-On <ul><li>“ Bulletproofing ” with </li></ul><ul><li>Authenticate user log-on based on fingerprint </li></ul><ul><li>Lock down any transaction (e.g. SE38 or ME21N) </li></ul><ul><li>III) Protect “infotypes”, fields, buttons according to customizable profiles (e.g. HR infotype 167) </li></ul><ul><li>IV) Require authentication if a field value exceeds a trigger amount (e.g. a transfer > $10,000) </li></ul><ul><li>V) Require dual user authentication for critical SAP ® functions, viewing sensitive data or intellectual property </li></ul>
    16. 16. System Log-on Transaction Bulletproof Security requires 5 Levels Any Field Perimeter Security - Level I Transactions – Level II Fields - Level III All levels can be controlled using fingerprint scan! Financial Limits – Level IV Dual Approval – Level V
    17. 17. <ul><li>Log-on to a Profile (e.g. Admin) </li></ul><ul><li>Transactions (e.g. HR / PO / Finance) </li></ul><ul><li>Infotypes (e.g. 008/167 etc.) </li></ul><ul><li>Buttons (e.g. Print / Export / Execute) </li></ul><ul><li>Display (e.g. Balance Sheet) </li></ul><ul><li>Execute (e.g. prevent execution of anything…) </li></ul><ul><li>Tables within SE16/SE16N </li></ul><ul><li>Programs within SE38 </li></ul><ul><li>Values (e.g. wire transfer of a certain amount) </li></ul><ul><li>Screens (e.g. export control / ITAR ) </li></ul><ul><li>Dual Authentication </li></ul><ul><li>Mask Fields (e.g. make data invisible) </li></ul>Multiple Control Points per User Example – Masking Field Data:
    18. 18. bioLock will always identify and log the uniquely authenticated, actual users – independent of their SAP User profiles <ul><li>Sometimes multiple users share workstations, for example: Hospitals, Warehouses, Financial Institutions, etc. </li></ul><ul><li>Due to time constraints, logging on/off is impractical, but re-authentication via fingerprint scan is practical. </li></ul><ul><li>bioLock allows all users to authenticate on all workstations at the beginning of a work session, using only fingerprint authentication after the initial verification. </li></ul>Fast User Switching
    19. 19. Example: Who Has Access? Fraud is mostly committed by stealing or cracking a password to access profiles with critical, extended authorizations External Employees Former Employees Hackers Criminals The threat comes from the inside and outside! Consultants Auditors 6,000 Named SAP Users 2,000 Users with potential access to critical data 1,000 Users with restricted roles to critical functions VIP Only: 500 Permitted bioLock Users for most critical functions Bulletproof Data Protection
    20. 20. <ul><li>Unaffected by SAP ® versions or upgrades </li></ul><ul><li>Existing SAP ® passwords and authorizations are unchanged </li></ul><ul><li>Compatible with all SAP ® versions from 4.x onward </li></ul><ul><li>Profiles are 100% customizable on a user-by-user basis </li></ul><ul><li>You decide what aspect of your system needs to be protected and how stringently! </li></ul>- Seamless Integration Bulletproof bioLock Security
    21. 21. <ul><li>Only a minority of users are enrolled, depending on their security risk profile and management’s policies </li></ul><ul><li>One-time user enrollment takes only a few minutes </li></ul><ul><li>Use is very intuitive, no training required </li></ul><ul><li>Ongoing use consists of occasionally providing a fingerprint scan – each user profile can be unique </li></ul><ul><li>Fingerprint images are never stored – privacy is protected </li></ul>What is the impact on users?
    22. 22. User logs on using their SAP User Profile and password Example – what a user sees… User is prompted for a fingerprint scan to complete log-on (Security Level I)
    23. 23. User selects the transaction “ME21N” to create a purchase order NOTE: This could be virtually any R/3 transaction such as SE16 or SE38 Example – what a user sees… User is prompted for a fingerprint scan to complete the activity (Security Level II)
    24. 24. User attempts to look up Health Plan information under Infotype 167 Example – what a user sees… Infotype 167 (field level) is protected for HIPAA compliance, so user is prompted for fingerprint scan (Security Level III)
    25. 25. <ul><li>Installation is done by simply downloading bioLock transports into its own /realtime namespace within SAP ® . </li></ul><ul><li>bioLock is compatible with SAP ® 4.x and higher, and is unaffected by version upgrades. </li></ul><ul><li>Configuration and training is done in several days with the support of realtime consultants or partners. </li></ul><ul><li>Roll-out to selected users can be done quickly, slowly or in phases as desired, or even by automated installation. </li></ul><ul><li>As users are activated, a fingerprint scanning device is installed at their work station. A robust audit trail is automatically generated within SAP ® . </li></ul>- What is the impact on IT?
    26. 26. Log File Enhanced activity logging Sorted by error / threat category <ul><li>Audit trail is greatly enhanced </li></ul>Example: Unauthorized attempt to log on with another user’s Password SAP USER user profile… … and the REAL USER as identified by fingerprint
    27. 27. Sample Success Stories - <ul><li>Achieve compliance with HIPAA by protecting private employee / HR information </li></ul><ul><li>Ensure proper approvals for purchasing by automating workflow with external browser access for senior executives </li></ul><ul><li>International bank prevents fraud with dual authentication and strong financial controls, masking data from unauthorized viewing </li></ul><ul><li>School Board prevents payroll and personal expense fraud which went undetected for years </li></ul><ul><li>European power plant protects all purchase orders and workflow for several thousand users </li></ul>
    28. 28. Benefits of <ul><li>The entire installation and configuration of bioLock can be done quite rapidly. Only minimal training is required, and the impact on both users and IT support staff is minimal, both during installation and in use. </li></ul><ul><li>Since bioLock is certified by SAP ® , ongoing compatibility with different versions is assured. </li></ul><ul><li>In a very short time, you can start enjoying benefits such as: </li></ul><ul><ul><ul><li>Dramatically increased SAP ® security capabilities </li></ul></ul></ul><ul><ul><ul><li>Manage users ’ identities via indisputable biometrics </li></ul></ul></ul><ul><ul><ul><li>Control access to functions down to the field level </li></ul></ul></ul><ul><ul><ul><li>Enforce true Segregation of Duties (SoD) </li></ul></ul></ul><ul><ul><ul><li>Attain meaningful compliance with SOX, HIPAA & ITAR </li></ul></ul></ul><ul><li>Statistically, a starter package could cost less than a single fraud incident. </li></ul>
    29. 29. bioLock is SAP certified - SAP ® certified since 2002 Visit: www.bioLock.us
    30. 30. realtime North America, Inc. WORLD TRADE CENTER 1101 Channelside Drive, Tampa, FL 33602 T: 813-283-0070 F: 813-283-0071 Email: info@biolock.us Web: www.bioLock.us Martin Lum Director of Business Development, Northeast 813-310-7007 Please contact us for a demonstration or pilot installation: 1-877-bioLock [email_address]

    ×