The Appsian Platform’s SAP Integration Certification allows customers of SAP ECC and SAP S/4HANA to implement fine-grained controls designed to minimize business risk, strengthen SoD policies, as well as limit sensitive data exposure.
Appsian, ERP security services provider, recently had the SAP Integration Certification of its data security and compliance platform for SAP ERP Central Component (SAP ECC) and SAP S/4HANA.
Today, more than ever, organisations are focused on gaining digital trust among stakeholders in terms of data security especially in governing customer personal information, employee data, finance, and high-value intellectual property.
The SAP integration with the Appsian platform supports the customers’ concerns in filling critical governance, risk, and compliance (GRC) gaps in ERP applications by integrating attribute-based access controls (ABAC), fine-grained data security solutions and real-time user behavior analytics.
Piyush Pandey, CEO at Appsian shared his insight and said:
“When it comes to ERP data access, context is everything.”
“Aligning policies to the precise data elements in a transaction is the most accurate strategy for reducing risk. We’re proud to be on the forefront of offering these solutions to our SAP customers,” he added.
According to an article by Niels Knuzen who worked as consultant for SAP Nordic and a Human Capital Management (HCM) subject matter expert, by definition, ABAC is “an access control method where user requests to perform operations on master data are granted or denied based on assigned attributes of the user, assigned attributes of the master data, environmental conditions, and a set of policies that are specified in terms of those attributes and conditions”. It is endorsed by NIST (The National Institute of Technology and Standards) as the best approach for handling complex and large access control needs because of its design.
With the benefits of ABAC, Appsian’s Platform applies fine-grained solutions that enable access policies to be contextually aware and dictated by the specific data elements being accessed and/or edited within a transaction.
Greg Wendt, Executive Director of Security Solutions at Appsian said:
“When you look at some of the greatest sources of business risk, you quickly realize that managing and enforcing polices based on the roles of users is inadequate.”
Wendt detailed further:
“What if a high privilege user is adjusting a PO amount beyond limits, or putting in an unauthorized pricing discount? What if a user is making unauthorized edits to Master Data or putting in a fraudulent vendor? All of these use-cases cost organizations enormous amounts of wasted money, and none of them would be prevented by using static soles to enforce policies.”
The Dallas-based ERP data security expert boasts of its platform that is complemented by real-time analytics, which captures granular data access information, aggregate and visualise the data to streamline and automate threat remediation and compliance audit initiatives.
Appsian’s CEO Pandey explained:
“By enhancing an organisation’s ability to control and better understand data access, the integrity of critical SAP business processes can be maintained.”
“We are excited about the recent SAP Integration Certification and look forward to providing SAP customers with maximum value for their governance, risk and compliance strategies,” he said.
Integrating with SAP
SAP facilitates integrations of GRC processes on a common technology platform while continuously monitoring risk and controls.
- Embed GRC into the foundation of business operations and digital transformation projects, automating key activities and providing real-time visibility and control
- Revolutionise GRC processes with intelligent automation – supported by artificial intelligence and continuous risk and control monitoring
- Make better decisions faster with embedded analytics, from operations to the digital boardroom
- Meet IT landscape goals with hybrid, cloud, and on-premise scenarios that share a consistent data model, code line, and user experience