protect sap data with fingerprint recognition software
DESCRIPTION
Bulletproof Security for SAP at your fingertips!TRANSCRIPT
![Page 1: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/1.jpg)
The only SAPThe only SAP®®-certified fingerprint authentication, -certified fingerprint authentication,
identity and risk management for SAPidentity and risk management for SAP®® systems systems
Bulletproof SAP® security at your fingertips!
Marketing Overview
© 2011 realtime North America Inc., Tampa, FL. All Rights Reserved.
![Page 2: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/2.jpg)
Founded in 1986 by former SAP® managers
Certified software, services & special expertise partner
Specializing in governance, risk and compliance (GRC)
Serving many industry sectors including food,
pharmaceutical, chemical, automotive, aerospace,
defense, engineering, government and more
Flagship software product, certified by SAP® since 2002
is
Bulletproof SAP® security at your fingertips!
Who is realtime?
![Page 3: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/3.jpg)
Selected realtime clients
3M, AIRBUS, Alcan, BASF IT Services B.V., Bayer,
Bayer CropScience, Brevard County Government,
California State University, Campbell's,
GlaxoSmithKline, Harman Kardon Music Group,
Krupp Bilstein, Linde, Loewe Opta, Marathon Oil, Océ
Document Technologies, Polk County School District,
Purdue Pharma, Siemens, ThyssenKrupp Michigan,
Toyota, United States Army…
Over 200 global clients served!
![Page 4: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/4.jpg)
What were these users looking for?
was developed to provide these
benefits demanded by users:
Dramatically increase SAP® security capabilities
Manage user identities via indisputable biometrics
Control access to functions down to the field level
Enforce true Segregation of Duties (SoD)
Ensure meaningful compliance with:
Sarbanes-Oxley, HIPAA, ITAR and more
![Page 5: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/5.jpg)
Is your system bulletproof?
Standard Version
+
Bulletproof Version Bulletproof Protection
Standard Protection
![Page 6: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/6.jpg)
According to the ACFE’s 2010 Report to the Nations on
Occupational Fraud and Abuse , based on global data, organizations lose about 5% of annual revenue to fraud. Schemes can go undetected for years and frequently involve first-time offenders.
Association of Certified Fraud Examiners www.acfe.com
#1 Risk: Fraud is a growth industry
![Page 7: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/7.jpg)
Risk of Financial Fraud?
HIPAA Compliance?
Sarbanes-Oxley (Section 404)?
ITAR?
Industrial Espionage?
Other regulations?
Are you concerned about…
![Page 8: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/8.jpg)
Financial loss?
Negative publicity?
Lawsuits?
Loss of intellectual property?
Decline in stock price?
How would an incident affect you?
![Page 9: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/9.jpg)
Are you still relying on this?Are you still relying on this?
User password SAP® Software
Passwords are written down, borrowed, stolen, misused
Provides “perimeter” security but no additional layers!
Traditional SAP® log-on process uses passwords
![Page 10: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/10.jpg)
Biometric technology offers the highest
security
Fingerprint Scan = Maximum Security
![Page 11: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/11.jpg)
How to Bulletproof your system:How to Bulletproof your system:
SAP® log-on profiles are enhanced with fingerprint interface
User is prompted via bioLock software as shown above
Various hardware devices can be used to securely scan fingerprints - while protecting users’ privacy!
SAP® SoftwareEncrypted scanUser’s fingerprint
X
![Page 12: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/12.jpg)
What devices can verify user identity?What devices can verify user identity?
Plus one of these… (optional)
+
Potential Future Development
![Page 13: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/13.jpg)
bioLock is compatible with over 80 laptops (with built-in fingerprint sensor) and over 50 independent devices like mice, keyboards, or PCMCIA Cards.
is hardware independentis hardware independent
Cherry ID Mouse
Convenient Touch Sensor
bioLock ID Mouse
Powered by Secugen
Leading Laptops
23% have Swipe Sensors
Secugen Hamster
FIPS 201 Compliant
UPEK Eikon
Low-cost Device Cherry Keyboard
Smart Card Option
Zvetco P5000
High End Device
![Page 14: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/14.jpg)
SAP® log-on & system access withlog-on & system access with
Logon authorized
Logon blocked
Logon bioLock checks authentication rules
bioLockuser/
function
bioLock prompts you for fingerprint
Fingerprint comparison with table
bioLocktemplates
bioLock identifies unique points (minutiae) within a fingerprint and creates an encrypted, digital template
– no images of fingerprints are ever stored!
Note:
![Page 15: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/15.jpg)
5 Extra Levels of Security5 Extra Levels of Security
“Bulletproofing” with I) Authenticate user log-on based on fingerprint
II) Lock down any transaction (e.g. SE38 or ME21N)
III) Protect “infotypes”, fields, buttons according to customizable profiles (e.g. HR infotype 167)
IV) Require authentication if a field value exceeds a trigger amount (e.g. a transfer > $10,000)
V) Require dual user authentication for critical SAP® functions, viewing sensitive data or intellectual property
Existing SAP® SecurityConsists of Password Log-On
![Page 16: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/16.jpg)
Perimeter Security - Level I
Transactions – Level II
Fields - Level III
All levels can be controlled using fingerprint scan!
Bulletproof Security requires 5 LevelsBulletproof Security requires 5 Levels
Financial Limits – Level IV
Dual Approval – Level V
![Page 17: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/17.jpg)
Log-on to a Profile (e.g. Admin)
Transactions (e.g. HR / PO / Finance)
Infotypes (e.g. 008/167 etc.)
Buttons (e.g. Print / Export / Execute)
Display (e.g. Balance Sheet)
Execute (e.g. prevent execution of anything…)
Tables within SE16/SE16NPrograms within SE38Values (e.g. wire transfer of a certain amount)
Screens (e.g. export control / ITAR )
Dual AuthenticationMask Fields (e.g. make data invisible)
Example – Masking Field Data:
Multiple Control Points per UserMultiple Control Points per User
![Page 18: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/18.jpg)
bioLock will always identify and log the uniquely authenticated, actual users – independent of
their SAP User profiles
Sometimes multiple users share workstations, for example: Hospitals, Warehouses, Financial Institutions, etc.
Due to time constraints, logging on/off is impractical, but re-authentication via fingerprint scan is practical.
bioLock allows all users to authenticate on all workstations at the beginning of a work session, using only fingerprint authentication after the initial verification.
Fast User Switching
![Page 19: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/19.jpg)
Example: Who Has Access?Example: Who Has Access?
External Employees
Former Employees
Hackers
Criminals
The threat comes from the inside and outside!
Consultants Auditors
6,000 Named SAP Users
2,000 Users with potential access to critical data
1,000 Users with restricted roles to critical functions
Fraud is mostly committed by stealing or cracking
a password to access profiles with critical,
extended authorizations
VIP Only:
500 Permitted bioLock
Users for most critical
functions
Bulletproof Data Protection
![Page 20: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/20.jpg)
Unaffected by SAP® versions or upgrades
Existing SAP® passwords and authorizations are unchanged
Compatible with all SAP® versions from 4.x onward
Profiles are 100% customizable on a user-by-user basis
You decide what aspect of your system needs to be protected and how stringently!
- Seamless Integration
Bulletproof bioLock Security
![Page 21: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/21.jpg)
Only a minority of users are enrolled, depending on their security risk profile and management’s policies
One-time user enrollment takes only a few minutes
Use is very intuitive, no training required
Ongoing use consists of occasionally providing a fingerprint scan – each user profile can be unique
Fingerprint images are never stored – privacy is protected
What is the impact on users?
![Page 22: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/22.jpg)
User is prompted for a fingerprint scan to complete log-on (Security Level I)
User logs on using their SAP User Profile and password
Example – what a user sees…
![Page 23: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/23.jpg)
User selects the transaction “ME21N” to create a purchase order
NOTE: This could be virtually any R/3 transaction such as SE16 or SE38
User is prompted for a fingerprint scan to
complete the activity (Security Level II)
Example – what a user sees…
![Page 24: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/24.jpg)
Infotype 167 (field level) is protected for HIPAA compliance, so user is prompted for fingerprint scan (Security Level III)
User attempts to look up Health Plan information under Infotype 167
Example – what a user sees…
![Page 25: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/25.jpg)
Installation is done by simply downloading bioLock transports into its own /realtime namespace within SAP®.
bioLock is compatible with SAP® 4.x and higher, and is unaffected by version upgrades.
Configuration and training is done in several days with the support of realtime consultants or partners.
Roll-out to selected users can be done quickly, slowly or in phases as desired, or even by automated installation.
As users are activated, a fingerprint scanning device is installed at their work station. A robust audit trail is automatically generated within SAP®.
- What is the impact on IT?
![Page 26: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/26.jpg)
Log FileEnhanced activity logging
Sorted by error / threat category
Audit trail is greatly enhanced Example: Unauthorized attempt to log on with another user’s Password
SAP USER user profile…
…and the REAL USER as identified by fingerprint
![Page 27: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/27.jpg)
Sample Success Stories - Sample Success Stories - Achieve compliance with HIPAA by protecting private employee / HR information
Ensure proper approvals for purchasing by automating workflow with external browser access for senior executives
International bank prevents fraud with dual authentication and strong financial controls, masking data from unauthorized viewing
School Board prevents payroll and personal expense fraud which went undetected for years
European power plant protects all purchase orders and workflow for several thousand users
![Page 28: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/28.jpg)
Benefits of Benefits of The entire installation and configuration of bioLock can be done quite rapidly. Only minimal training is required, and the impact on both users and IT support staff is minimal, both during installation and in use.
Since bioLock is certified by SAP®, ongoing compatibility with different versions is assured.
In a very short time, you can start enjoying benefits such as:1. Dramatically increased SAP® security capabilities2. Manage users’ identities via indisputable biometrics3. Control access to functions down to the field level4. Enforce true Segregation of Duties (SoD)5. Attain meaningful compliance with SOX, HIPAA & ITAR
Statistically, a starter package could cost less than a single fraud incident.
![Page 29: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/29.jpg)
bioLock is SAP certified
- SAP- SAP® certified since 2002 certified since 2002
Visit: www.bioLock.us
![Page 30: Protect SAP data with fingerprint recognition software](https://reader033.vdocument.in/reader033/viewer/2022061213/5497ee69b47959846d8b4891/html5/thumbnails/30.jpg)
realtime North America, Inc.WORLD TRADE CENTER
1101 Channelside Drive, Tampa, FL 33602T: 813-283-0070 F: 813-283-0071 Email: [email protected]
Web: www.bioLock.us
Martin LumDirector of Business Development, Northeast
813-310-7007
Please contact us for a demonstration Please contact us for a demonstration or pilot installation:or pilot installation:
1-877-bioLock [email protected]