SAP is the core business system for many organizations globally. Given the business-critical
nature of the SAP system, it is important to manage the risk involved.
The SAP ecosystem is complex and needs a comprehensive security framework incorporating
process and technology controls. Transaction and data security of mission-critical
SAP systems is in focus due to the emergence of targeted attacks and the adoption
of cloud and mobile technologies.
Why Aujas?
Aujas provides comprehensive end-to-end SAP Security combining its SAP domain expertise,
risk management expertise and technical expertise. The Aujas SAP Security team includes
experienced domain experts who have executed SAP security projects globally.
We help clients build a strategy for SAP Security and provide technical solutions
and process frameworks to secure SAP initiatives and manage the risk in ERP-driven environments.
Partnering with Aujas enables clients to leverage Aujas' proven domain expertise
in information risk management.
Our Services
SAP Technology Risk & Control Assessment: SAP Technology Risk and
Control Assessment is a service that provides feedback on how secure and trusted
your SAP system is. It compares current security processes with best practices and
provides an action-oriented response on how to improve security.
SAP Identity Management: The SAP NetWeaver Identity Management (IDM)
service provides centralized tools for managing the entire user life-cycle across
highly diverse system environments. It automates processes such as employee on-boarding
and access rights management for users.
SAP Secure Log-In and Single Sign-On: SAP NetWeaver Single Sign-On helps
customers set up secure single sign-on for all SAP GUI types, web applications and
identity federation. Based on standards such as X.509 certificates, Kerberos and
the Security Assertion Markup Language (SAML), the solution can deliver high security
standards.
SAP Technology Risk & Control Assessment services
Aujas’ end-to-end services include SAP Security baselines, SAP landscape security,
BASIS controls, authorization review, SoD violations, and OS & DB reviews for clients
built around SAP.
Consultative & Advisory services review risk exposure, analyze the
current situation, devise an appropriate strategy, or develop a business case for
subsequent project investment.
Project Delivery services implement controls, design and build suitable
security for an existing or a new SAP system, and deliver a change project with
security objectives.
SAP Security Review service tests and provides feedback on how secure
the SAP system is. It compares current security processes with best practices and
provides recommendations on how to improve security further.
Detailed services include:
- Review of authorization policy documents and review of process
efficiency and adoption
- Access by users or user classes and by support and service
provider, analysis of reporting, and evaluating effectiveness of housekeeping &
operational security processes
- Segregation of duties, conflicts, incident response processes
and compliance issues
- Implementation of methods and controls for bespoke programs,
and authorizations etc.
- Use of table access, access to restricted objects, use and
process for all known super users
- Reviewing authorization, team operations, training requirements
and advising on opportunity to reduce security costs through automation and process
improvement
SAP Identity Management
SAP NetWeaver Identity Management
The SAP NetWeaver Identity Management (IDM) component provides centralized tools
for managing the entire user life-cycle across highly diverse system environments.
It automates processes such as employee on-boarding and access rights management
for external users while ensuring compliance.
Strategy Design & Implementation
A thorough requirement analysis in the planning phase is essential and lays the
foundation for an effective IDM solution. Aujas evaluates client needs through multiple
avenues, including executive workshops and field assessments, leading to strategy,
an IDM roadmap, and implementation.
Aujas helps with business case analysis, technology evaluation, solution architecture
and implementation & support leading to:
Digital Identity and User Lifecycle Management
Digital Identity Management deals with the design and administration of information
to identify a person for the purpose of authorizing him/her for digital transactions.
It is also essential to manage these identities (including processes and technologies)
over time.
Role Engineering and Entitlement Management
A new granular paradigm in IDM, this ensures that employees have only as much access
as required to do their job effectively, and only for as long as they need to do
that job. Policy-based dynamic controls specify who can have access to what and
at what time and in what context.
SAP Secure LogIn and Single Sign-On
SAP NetWeaver Single Sign-On
With the SAP NetWeaver Single Sign-On application, customers can set up secure single
sign-on and single log-out scenarios tailored to their individual requirements,
including all SAP GUI types, web applications, and identity federation across domain
boundaries.
Based on standards such as X.509 certificates, Kerberos and the Security Assertion
Markup Language (SAML), SAP NetWeaver Single Sign-On is a flexible solution that
can meet the highest security standards.
Strategy Design & Implementation
Aujas services include executive workshops and business requirement analysis, business
case analysis, SSO Secure LogIn strategy and roadmap, best-fit solution identification,
proof of concept, and project management and implementation services.
Sustenance and Optimization
SSO is never static and the system needs to evolve. Aujas provides services to support
this through enhancements and upgrades as they happen in the SAP landscape. Aujas
services include health check, post implementation support, enhancements, change
requests, and performance optimization.
(Note: SAP, SAP NetWeaver, SAP IdM, SAP SSO, SAP SNC are registered trademarks
owned by SAP AG Germany)