Presentation is loading. Please wait.

Presentation is loading. Please wait.

Rick Killpack Senior Product Manager Identity and Security Novell, Inc. sample for a picture in the title slide SAP and Novell: Extending IT Governance.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Rick Killpack Senior Product Manager Identity and Security Novell, Inc. sample for a picture in the title slide SAP and Novell: Extending IT Governance."— Presentation transcript:

1 Rick Killpack Senior Product Manager Identity and Security Novell, Inc. sample for a picture in the title slide SAP and Novell: Extending IT Governance and Compliance

2 Agenda Addressing Today’s GRC Challenges The Solution in Action Why the Novell/SAP Joint Solution?

3 Cost Competition Compliance Complexity Determining “Who has access to what?” Lowering IT Management Costs Eliminating Security Vulnerabilities Addressing Compliance Demands Integrating Disparate Systems Reducing Duplicated Processes Enabling a Mobile Workforce Gaining Insight Into Risk Addressing Risk Management Requirements Challenges Surround the Enterprise

4

5

6 Performance Improves business predictability Automates and enforces common controls while providing transparency to business processes across the enterprise Improves business predictability Automates and enforces common controls while providing transparency to business processes across the enterprise The Solution In Action Assurance Lowers audit risk and increases compliance Offers customers a new level of confidence that the right controls are in place so only authorized employees have access to sensitive business information Lowers audit risk and increases compliance Offers customers a new level of confidence that the right controls are in place so only authorized employees have access to sensitive business information Simplification Ensures enterprise-wide policy synchronization Eliminates resource silos which produce inefficiencies Automates the process of discovering and remediating high-risk business problems Ensures enterprise-wide policy synchronization Eliminates resource silos which produce inefficiencies Automates the process of discovering and remediating high-risk business problems Business Relevance Meets IT Assurance

7 Content, Policy and Events Unify Disparate Systems Consulting Partners

8 Problem: The CIO Cannot Provide Business- Relevant Risk Data to the CFO Toni CIO The enterprise is setup with distributed security domains Issue: Volumes of disparate data make it hard to assess the risk to the enterprise

9 Convert Raw Data into Information that Provides Full Visibility Monitor all events in the enterprise, injecting identity into access events and correlating those to defined business processes and key risk indicators (KRIs).

10 Problem: The CIO Wastes Resources on Duplicate Efforts Toni CIO PCISOXPrivacy … Information Security 3 rd PartyHIPAA Line of BusinessCorporateIT Functional Leads Compliance Managers LegalAudit Information Security Service/ Arch Leads Compliance Managers Enterprise groups demand the same data from IT in separate requests Issue: Duplication of efforts consume IT resources and create inconsistencies for the business Enterprise groups demand the same data from IT in separate requests Issue: Duplication of efforts consume IT resources and create inconsistencies for the business

11 Map controls to defined objectives and processes as well as mapping the process to business owners. Eliminate Duplication of Controls

12 Cost Impact By the Numbers Average cost to manually map controls US$5,300 per control per year - Source: PricewaterhouseCoopers

13 Problem: The CIO Cannot Sustain Compliance Demands Toni CIO App Owner User Entitlements & Security Controls Processes Roles Users Audit App Owner Mainframe Exchange Server Site 1 Processes Roles Users Audit Processes Roles Users Audit Processes Roles Users Audit PeopleSoft HR DB Exchange Server Site 2 SOAP Exchange Server Site 3 Java App Exchange Server Site n… User Entitlements & Security Controls Auditor The enterprise is structured with siloed security domains Issue: The sheer volume of disparate processes makes it costly to provide compliance-related data The enterprise is structured with siloed security domains Issue: The sheer volume of disparate processes makes it costly to provide compliance-related data

14 Automate and enforce common controls while providing transparency to business processes across the enterprise. Processes Users RolesAudit User Entitlements and Security Controls Contain Compliance Costs Through a Sustainable Infrastructure App Owner Exchange Server MainframeSOAPPeopleSoft HR DBJava App Auditor

15 Cost Impact By the Numbers Average cost savings of automation US$10,936 per 100 users per year - Source: IDC analysis of Novell IDM Technology

16 Building the Crucial Bridge Between Strategic Applications Strategic Business Applications IT Systems IT Infrastructure IT Processes Novell Compliance Management Platform extension for SAP environments SAP BusinessObjects SAP ERP SAP NetWeaver HCMFINOPS Process Control Risk Management Access Control

17 The Solution in Action

18 New Accounting Manager Role-Based Access to SAP System Business Role: Accounting Manager ERP Financials Role: AM1 ReviewPmt BPC Role: Fin23 CreateFinFile Active Directory Role: ADAcctMgr AccessFinFile SAP Portal Role: AcctMgr1 ViewReports SAP Portal Bill Accounting Manager I need to see the latest financial reports Bill goes into the Financial Reporting Area of the SAP Portal to see historical reports that show trends and other information.

19 New Accounting Manager Role-Based Access to SAP System Business Role: Accounting Manager ERP Financials Role: AM1 ReviewPmt BPC Role: Fin23 CreateFinFile Active Directory Role: ADAcctMgr AccessFinFile SAP Portal Role: AcctMgr1 ViewReports SAP Portal Bill Accounting Manager I need to see the latest financial reports These reports are stored on a SharePoint portal system. A link in the SAP Portal takes users to the page for viewing the historical reports.

20 New Accounting Manager Role-Based Access to SAP System Business Role: Accounting Manager ERP Financials Role: AM1 ReviewPmt BPC Role: Fin23 CreateFinFile Active Directory Role: ADAcctMgr AccessFinFile SAP Portal Role: AcctMgr1 ViewReports Bill Accounting Manager Why don’t I have access? Bill clicks the link to view the historical reports, but finds he does not have access. SAP Portal

21 New Accounting Manager Role-Based Access to SAP System SAP Portal Business Role: Accounting Manager ERP Financials Role: AM1 ReviewPmt BPC Role: Fin23 CreateFinFile Active Directory Role: ADAcctMgr AccessFinFile SAP Portal Role: AcctMgr1 ViewReports Bill Accounting Manager Why don’t I have access? Instead of showing an “access denied” message, the Compliance Management Platform asks Bill if he would like to request access.

22 New Accounting Manager Access Request Business Role: Accounting Manager ERP Financials Role: AM1 ReviewPmt BPC Role: Fin23 CreateFinFile Active Directory Role: ADAcctMgr AccessFinFile SAP Portal Role: AcctMgr1 ViewReports Bill Accounting Manager I guess I will request it. Bill requests access by providing the necessary information in the request form, and then submits it for approval. CMP

23 New Accounting Manager Request Approval CMP The Compliance Management Platform sees Bill’s access request and sends it to SAP Risk Analysis to check for SoD violations. SAP GRC AC

24 New Accounting Manager Request Approval CMP The results from the check show no SoD violations. SAP GRC AC

25 New Accounting Manager Request Approval I don’t see issues with giving him access. John Controller Access Request System: SharePoint Complete tasks assigned by my manager. Requestor: Bill Reason for Request: Approve Reject CMP Bill’s boss, John, sees Bill’s access request for the SharePoint system and the results of the SoD check. He approves the request. SAP GRC AC

26 New Accounting Manager Granted Access through Bill’s Automated Role Bill Accounting Manager Wow, that was fast. I am glad that there is not a lot of red tape in this organization. Business Role: Accounting Manager SharePointAccess: Approved Bill receives notification that he has been granted access to the SharePoint system.

27 New Accounting Manager Granted Access through Bill’s Automated Role SAP Portal Bill Accounting Manager Wow, that was fast. I am glad that there is not a lot of red tape in this organization. Business Role: Accounting Manager SharePointAccess: Approved Bill clicks the “View Historical Reports” link in the SAP portal. He finds that he is now properly provisioned to begin working with the reports in the SharePoint system.

28 Why the Novell/SAP Joint Solution?

29 A Best-in-Class Joint Solution Enterprise control enforcement (passwords, rights, roles) Automate and enforce business security process Continuous controls monitoring of user access to enterprise resources Provides risk analysis and compliance processes across the enterprise Control user access within the SAP application Increase productivity for managed compliance Manage process for compliance and risk remediation Continuous controls monitoring for applications Compliance Management Platform The joint solution extends identity and security information across SAP and non-SAP systems. SAP GRC

30 The Novell Difference Proven Interoperability Novell is the first and only vendor to provide SAP-certified integration for all technologies required to provide IT Governance solutions: Identity Management integration with SAP GRC User Provisioning integration with NetWeaver SIEM integration with NetWeaver Audit and Monitoring LDAP Authentication integration with NetWeaver

31 Looking Forward 2007: SAP and Novell deepen a long-standing partnership with a focus on Linux 2009: CMP becomes the first solution certified with Access Control 2010: Integration with Process Control, Risk Management

32 The Novell Difference Innovation and Leadership User Provisioning Web Access Management Security Information and Event Management

33 Over 6,000 Customers Agree

34 Questions? © SAP 2008 / Page 34 Geoffrey Coulehan, SAP Market Development

Download ppt "Rick Killpack Senior Product Manager Identity and Security Novell, Inc. sample for a picture in the title slide SAP and Novell: Extending IT Governance."

Similar presentations

Unified Communications Bill Palmer ADNET Technologies, Inc.

Unified Communications Bill Palmer ADNET Technologies, Inc.
1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.

1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.
To learn more about Directory Concepts and how we can help your organisation please contact a Directory Concepts relationship manager near you: Sydney.

To learn more about Directory Concepts and how we can help your organisation please contact a Directory Concepts relationship manager near you: Sydney.
A Federated Approach to Systems Management Todd Nugent Mike Huffstatler Sr. Product Specialist Systems Engineer.

A Federated Approach to Systems Management Todd Nugent Mike Huffstatler Sr. Product Specialist Systems Engineer.
Information Technology Current Work in System Architecture November 2003 Tom Board Director, NUIT Information Systems Architecture.

Information Technology Current Work in System Architecture November 2003 Tom Board Director, NUIT Information Systems Architecture.
Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,

Identity and Access Management: Strategy and Solution Sandeep Sinha Lead Product Manager Windows Server Product Management Redmond,
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
Identity and Access Management — at the Core of Business Andrew A. Afifi, M.Sc. Network Security, CISSP Technology Strategist.

Identity and Access Management — at the Core of Business Andrew A. Afifi, M.Sc. Network Security, CISSP Technology Strategist.
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.
Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.

Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.
Accounts Payables Invoice Automation for SharePoint.

Accounts Payables Invoice Automation for SharePoint.
© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.
Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.

Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.
Solution Briefing Business Productivity in Action Keynote.

Solution Briefing Business Productivity in Action Keynote.
Identity and Access Management Business Ready Security Solutions.

Identity and Access Management Business Ready Security Solutions.
Rev Jul-o6 Oracle Identity Management Automate Provisioning to Oracle Applications and Beyond Kenny Gilbert Director of Technology Services.

Rev Jul-o6 Oracle Identity Management Automate Provisioning to Oracle Applications and Beyond Kenny Gilbert Director of Technology Services.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
SecureAware Building an Information Security Management System.

SecureAware Building an Information Security Management System.
VARONIS OVERVIEW DATA GOVERNANCE & SECURE FILE SHARING JUNE 5, 2013 Presented By: Dietrich Benjes VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.

VARONIS OVERVIEW DATA GOVERNANCE & SECURE FILE SHARING JUNE 5, 2013 Presented By: Dietrich Benjes VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.
Delivering an Architecture for the Social Enterprise Alpesh Doshi, Fintricity Information Age Social&Mobile Business Conference Tuesday 31st January 2012.

Delivering an Architecture for the Social Enterprise Alpesh Doshi, Fintricity Information Age Social&Mobile Business Conference Tuesday 31st January 2012.

Similar presentations

Ads by Google