profile tailor dynamics brochure
TRANSCRIPT
I A New Approach to SAP SecurityAs an advanced behavior monitoring & alerting system, ProfileTailor™ Dynamics delivers unprecedented vis-ibility of actual, real-time SAP authorization usage. The system monitors the access and operations of SAP sys-tems, generates detailed dynamic usage profile analy-ses for every internal and external SAP user - and sends alerts about unusual or unacceptable activity, includ-ing risk severity level.
WHY Enterprises NEED ProfileTailor™ Dynamics
The SAP Authorization mechanism is very complex; or-ganizations lack the ability to determine which autho-rizations are used, unused, underused, or duplicated. Security officers often lack sufficient familiarity with SAP in order to properly monitor and control authorizations.
The typical challenges faced are• Organizations want to be able to control Segregation
of Duties (Sod) compliance automatically.• Employees collect new authorizations as they
change roles in the organization; they rarely give up-old authorizations, even if not needed in their new positions.
• A clear licence audit and reconciliation report is not available in order to accurately determine additional licence requirements at negotiation time.
• SAP_ ALL and other privileged user authorizations are often not removed, even when employees’ jobs no longer require this extremely sensitive status.
• Typical SAP users utilize only 7% of their authorizations, opening the door to security breaches and other risks.
• It is critical for enterprises to prevent fraud and leak-age of sensitive information.
• Everyone is aware of the problem, but there has been no easy, fast, reliable way to fix it… until now.
Profile Tailor™ DynamicsDelivers Total Visibility of Real-Time SAP User Behavior - Increases SAP Security - Decreases SAP Costs
Pr o f i l eTa i l o r ™ D y n a m i c s X p a n d s S A P S e c u r i t y a n d C o n t r o l- - - a n d C u t s S A P C o s t s !
www.xpandion.comTel: 1-800-7075144
ProfileTailor™ Dynamics shines a light into the abyss of authorizations, straightens out
the confusion, and makes true security possible - enabling CISOs to do their jobs
quickly, thoro ughly, easily, and, some say - even enjoyably!
Reports
An array of reports, dashboards and alerts give ongoing warnings of unusual or unacceptable activity includ-ing access to high-risk functions. Suspected security breaches are analyzed and scored according to a pre-determined level of severity.Usage reports include the type and frequency of autho-rization access – as well as the discrepancies between allowed and actual usage - enabling smart decisions about permission levels for each user, based on ac-tual activity. Dormant user accounts are automatically locked to reduce the risk of unauthorized access.
Figure 1. Example of Roles granted to a user and actual usage
Figure 2. Real-Time Event Monitoring
Pr o f i l eTa i l o r ™ D y n a m i c s X p a n d s S A P S e c u r i t y a n d C o n t r o l- - - a n d C u t s S A P C o s t s !
www.xpandion.comTel: 1-800-7075144
II Segregation of Duties Made SimpleA special module for Segregation of Duties enables the identification of violations of SoD combinations on both the static level of granting authorizations for users - and on the dynamic level, as a compensating control. The SoD module includes a simulation screen - a “What If“ mechanism - to test whether granting a user an activity or an authorization role will violate one of the SoD rules.
III Automatic SAP AuditingProfileTailor™ Dynamics is a comprehensive solution that delivers continuous auditing based on users’ ac-tual, real-time behavior.
The ProfileTailor™ system:• Requires no special knowledge of IT or SAP.• Automates labour-intensive tasks that were previ-
ously performed manually, such as testing user ac-cess and transactions.
• Provides continuous monitoring.• Improves quality of audits, from sample-based to
comprehensive, continuous monitoring, with real-time alerts about exceptions.
• Enables tests to be performed more often and covering more data.
• Reduces risk of fraud, with consequent increase in security as well as savings
• Reduces the costs of audits
IV SAP License OptimizationProfileTailor™ Dynamics can save on new SAP licenses and enables re-use of unused licenses when expanding.
• Decreases number of SAP Licenses; Examines SAP us-ers according to actual daily usage, enabling elimina-tion or lowering of licenses for users with no - or low – activity.
• Reduces Double License Counts; Identifies and alerts to simultaneous usage by same user from multiple computers, preventing double payments for the same SAP usernames.
• Pinpoints unused SAP licenses and licenses with low usage.
The elimination of authorization “waste“ in SAP systems saves users over15% on total
maintenance fees.
Figure 3. Segregation of Duties
Pr o f i l eTa i l o r ™ D y n a m i c s X p a n d s S A P S e c u r i t y a n d C o n t r o l- - - a n d C u t s S A P C o s t s !
www.xpandion.comTel: 1-800-7075144
Easy to Install and Easy to Use!
ProfileTailor™ Dynamics is an exceptionally intuitive system that requires no special knowledge of SAP, en-abling CISOs who are not SAP experts to secure their enterprises, preventing fraud and leakage of sensitive information.
It is also incredibly easy to install and completely risk-free, as it is external to the SAP server and client and requires no changes in the SAP system. Once installed, the system is accessed via a simple browser-based in-terface. With just a few clicks, key data streams from the SAP system are collected, collated, organized, analyzed, and presented in a clear and readable format.
In a Nutshell!
• Real-time authorization usage transparency• Complete authorization control• Continuous monitoring and alerts about unusual or
unacceptable activity & sensitive transaction execu-tion, including risk severity level
• Continuous monitoring and alerts about Segrega-tion of Duties (SoD) policy violations
• Automatic SAP audit trail• Elimination of redundant authorizations• Major savings on SAP licensing• Reduced SoD/SOX & authorization project costs• Intuitive browser-based interfaces for SAP• Fast, easy and totally non-intrusive installation
ProfileTailor™ Dynamics identifies unused objects, such as authorization profiles and roles, SAP activities, and
SAP programs - dramatically simplifying maintenance and upgrades.
Automation of in-house and outsourced auditing tasks through ProfileTailor™ Dynamics saves up to
30% on external auditor hours - including SAP audits, SoD/SOX
pro jects, and pre-defined risk reports.
Figure 4. Most Used Activities
Figure 5. Monthly Usage Report
Figure 6. Activities usage by Time Interval