Upload File

sap security compliance tools_pennonsoft

13
1 SAP Security and Controls Use of Security Compliance Tools to Detect and Prevent Security and Controls Violations

Upload: pennonsoft

Post on 15-Jul-2015

97 views

Category:

Technology


1 download

Report

Tags:

TRANSCRIPT

Page 1: Sap security compliance tools_PennonSoft

1

SAP Security and Controls

Use of Security Compliance Tools to Detect and Prevent Security and

Controls Violations

Page 2: Sap security compliance tools_PennonSoft

2

Agenda

• Increased Focus on Security & Controls

• SAP R/3 Security Risks & Controls

• Security Management

• Security Compliance Tools

• Questions

Page 3: Sap security compliance tools_PennonSoft

3

Increased Focus on Security and Controls

• Fraud (Barings Bank,WorldCom, Enron,...)

• Security Breaches (UCs, BC, Stanford...)

• Regulatory Compliance• Sarbanes-Oxley (SOX)

• Family Educational Rights and Privacy Act (FERPA)

• Gramm-Leach-Bliley Act (GLBA)

• Health Insurance Portability and Accountability Act (HIPAA)

Page 4: Sap security compliance tools_PennonSoft

4

Security Risks• Access Control

• Do some users have too much access?• Sufficient access restrictions to private

information?

• Segregation of Duties (SoD)

Page 5: Sap security compliance tools_PennonSoft

5

Security Compliance Tools – Internal Controls

• “Internal Controls are processes designed by management to provide reasonable assurance that the Institute will achieve its objectives” (From MIT’s Guidelines For Financial Review and Control)

• Cost of implementing control should not exceed the expected benefit of the control

• “Security is a process not a product”

Page 6: Sap security compliance tools_PennonSoft

6

Security Compliance Tools

Who has access to sensitive transactions?

Are there any SoD violations?

• Real-Time Monitoring• Remove access or assign mitigating controls• Reduce time and effort when providing

information to auditors

Page 7: Sap security compliance tools_PennonSoft

7

SoD Rules Matrix• Predefined SoD Rule Set

• Can Add Custom Transactions to Rule Set

Page 8: Sap security compliance tools_PennonSoft

8

Virsa-Compliance Calibrator

Page 9: Sap security compliance tools_PennonSoft

9

Virsa-Compliance Calibrator

Page 10: Sap security compliance tools_PennonSoft

10

Virsa-Compliance Calibrator

• Resolve SoD Issues

Page 11: Sap security compliance tools_PennonSoft

11

Security Compliance Software Vendors

• Virsa

• Approva

• Oversight Systems

• Big 4 (E&Y, PwC, KPMG, Deloitte)

Page 12: Sap security compliance tools_PennonSoft

12

Benefits of Security Compliance Tools - Summary

• Run with SAP R/3

• Automate SoD analysis

• Automate monitoring of critical transactions

• Quick assessment of authorization compliance for business users, auditors, and IT security staff

• Used during development/project efforts

• Avoid manual analysis and false positives

Page 13: Sap security compliance tools_PennonSoft

13

CONTACTMail : Mail : [email protected]@pennonsoft.com

Phone : Phone : (414) 433-4823Website : Website : www.pennonsoft.com

mailto:[email protected]

EMC Hybrid Cloud for SAP - Enhanced Security and Compliance

SAP Overview SAP Security Integration

SAP Governence Risk Compliance Overview

Sap Security

Appsian App Security Datasheet - ERP Security & Compliance, Designed for SAP & PeopleSoft · 2020. 1. 27. · Facilitates Integration Broker Authentication Allows manual logins •

SAP Innovation Forum Portugal GDPR Compliance · PDF fileActive and Archive, cover non-SAP • Products from GRC & Security and DDM ... paper, OCR, unstructured data

SAP Environmental Compliance 3 - SAP Help Portal · PDF fileSAP Environmental Compliance 3.0 runs in SAP NetWeaver Portal 7 ... (MM) SAP EC ... An integration feature with SAP Portfolio

SAP Security Guide: SAP Applications on SAP Adaptive ... · PDF filePUBLIC 2017-08-24 SAP Security Guide: SAP Applications on SAP Adaptive Server Enterprise

Integration for SAP GRC Access Control Installation and ...SAP Governance, Risk and Compliance Access Control is also called SAP GRC Access Control. IBM Security Identity Manager was

Designing SAP Application Security - United States · PDF fileTitle: Designing SAP Application Security Author: Protiviti Subject "SAP, SAP security, SAP application security, SAP

SAP Governence Risk Compliance Overview.pdf

WhatCISO’s%should%know% aboutSAP%Security · PDF fileAgenda’ • SAP:%Intro% • SAP%security%vulnerabiliAes% • SAP%security%myths% • Demo • Problem • Soluon • Sap%security%in%figures%report%

About the company - SAP Cyber Security Solutions · About the company 2 ... PRD SAP CRM 6.0 NetWeaver AS ABAP 7.0. ... 1.2 Scan Profiles Technical Compliance of SAP system is its

SAP Security SAP Security Essentials

The importance of SAP Patch Management · ERP Security • SAP Security assessments and hardening • SAP Security research • Regular presenters on the topic of SAP Security •

1 SAP Security and Controls Use of Security Compliance Tools to Detect and Prevent Security and Controls Violations

VAT Compliance through SAP Control

SAP Compliance Tool for SAP IT Audit

Security & Compliance in SAP: un approccio alla ... · L'acronimo SAP significa "Systeme, Anwendungen, Produkte in der Datenverarbeitung". Curiosamente la leggibilità dell'acronimo

Volkmar Lotz Practice Lead Security&Trust, SAP Research · Technologiebeiträge zu Sicherheit und Compliance im Business Web Volkmar Lotz Practice Lead Security&Trust, SAP Research

SAP Compliance for SAP License Audit - AuditBOT

SAP Product Stewardship Network Security and Compliance at SAP€¦ · SAP Product Stewardship Network Security Offerings – Identity Management • SAP Product Stewardship Network

Security Certifications Compliance · Security Certifications Compliance Characteristics ThefollowingtabledescribesbehaviorchangeswhenyouenableCCorUCAPLmode.(Restrictionsonlogin

Security and Emergency Services Community of … and Emergency Services Community of ... SAP) - Applies ... SAP Mid-Level Management 2 DSSA SAP Security Compliance Inspection Seminar

83785 - Security, compliance, data protection - SAP helps ... AC Slide Decks... · SAP will continue to drive security into the heart of the application and to excel in secure cloud

SAP HANA Security Guide - SAP Help Portal · PDF fileSAP HANA Security Guide Introduction to SAP HANA Security. 3 SAP HANA Security Patches To ensure the security of SAP HANA, it's

SAP Security Chat Tips to Improve SAP ERP Security

Security in SAP HANA - · PDF fileauthentication and authorization network security auditing and logging encryption sap hana one ... 6. security in sap hana. security in sap hana

SAP – Validation and GMP Compliance · Ramp up and training ... SAP support tools (MDG) Audit trail in SAP ... If you book “SAP – Validation and GMP Compliance

SAP Authorizations & Compliance

JAFAN 6/0 Checklist - Defense Security · PDF fileSECURITY COMPLIANCE INSPECTION TEMPLATE (Version: ... appropriate security classification markings and ... to serve as the SAP security

SAP Document Compliance Overview€¦ · SAP Document Compliance Objectives SAP Document Compliance eDocument framework has been developed by SAP Globalization Services • to comply

MR TIGER KIU - AFSUG · xDC Security Data Center DCN UC VC/TP IVS Network Security Mobile Security Data Loss Prevention Compliance Security OM ... SAP HANA In-Memory Instant Results

SAP on Azure Security & Compliance

Combining Governance, Risk and Compliance Provides · PDF fileCombining Governance, Risk and Compliance Provides Security. ... FICO Germany (formerly known as ... connection to SAP