SAP is the most used ERP program in organizations. SAP users can easily make dramatic security improvements by implementing rigorous re-authentication at granular levels which become user-specific checkpoints. The only biometric security program available that is seamlessly integrated and certified for SAP® since 2002 is the bioLock™ software from realtime AG. Combined with Fujitsu PalmSecure authentication the approach for security is to control what happens within SAP first at the moment of log-on but more especially after the user is in the system. This shifts the focus from simple peripheral security to sophisticated granular security.
With PalmSecure bioLock, customizable security checkpoints can be established based on management policies and business rules on a user-by-user basis. These re-authentication checkpoints can be set at very granular levels if needed such as tables, transactions, info types, fields, field values, buttons or whenever a critical activity is performed within SAP. Actions such as exporting data, printing data, saving data, changing data and of course viewing data can all be controlled. This could protect anything involving sensitive data, or large amounts of money, or any mission-critical information that would be of value if stolen.
Existing SAP security, roles and authorizations are unchanged – bioLock software complements, reinforces and sits on top of existing SAP security and GRC (Governance, Risk management und Compliance). Logging of activities, including errors and violations, are securely logged in a tamper-proof way that is accessible to third-party audit tools on a “read-only” basis. Employees can be enrolled into PalmSecure bioLock in a few minutes.
Establishing a bioLock user does not override or change existing SAP security settings. Instead, bioLock overlays and reinforces existing security. Use is extremely intuitive so there is no training or learning curve, users simply respond when prompted.
Bemefits of PalmSecure bioLock
- Protecting and controlling of sensitive data and transactions
- Secured and audit proofed evidence of transactions
- Easy and practicable for users, hygienic, high user acceptance
- Easy integration into existing infrastructure