SAP and Novell Collaborate on Comprehensive, Integrated Governance, Risk, and Compliance Solutions


1 SAP and Novell Collaborate on Comprehensive, Integrated Governance, Risk, and Compliance Solutions

2 Session Description. Title: Ensuring Security and Compliance Across the Enterprise, taking place on Wednesday, Oct. 14th at 3:15pm. Abstract: Learn how SAP BusinessObjects GRC and Novell are building bridges between SAP, the IT infrastructure and other strategic applications to streamline security and regulatory compliance efforts, reduce redundancies and improve the return on investment of systems in the enterprise. This session will provide detailed examples of how SAP and Novell have partnered to provide solutions and best practices around provisioning, compliance assurance, and identity and access management. The Novell Compliance Management Platform extension for SAP environments is the industry's first solution certified with SAP GRC Access Control. You will gain insights from key partners and customers on how to integrate your IT GRC infrastructure. You will also hear from SAP BusinessObjects GRC and Novell executives about the current and future technology roadmap that enables a clear and agile enterprise.

3 Agenda Addressing today’s GRC challenges Demo Real-World Insights

4 Challenges Surround the Enterprise: Cost, Competition, Compliance, Complexity. Determining “Who has access to what?”; Lowering IT Management Costs; Eliminating Security Vulnerabilities; Addressing Compliance Demands; Integrating Disparate Systems; Reducing Duplicated Processes; Enabling a Mobile Workforce; Gaining Insight Into Risk; Addressing Risk Management Requirements.

5 What’s Required to Be Effective in Compliance? Policies, and Executive Directives. Business Processes: Controls in financial and business process applications. Application Access and IT Controls Management: IT Security, Application Management, Change Management, Identity Management. Diagram labels: Executive Management; Business Processes (Finance, Manufacturing, Logistics, etc.); IT Services (SIEM/Identity Mgmt/Roles Mgmt/Access Mgmt).

6 SAP and Novell: Uniquely Covers the Entire Stack of GRC from Application to IT Controls. Policies, and Executive Directives: Covered through a variety of mechanisms including SAP. Business Process Controls: Covered by SAP GRC. Application Access and IT Controls Management: Covered by Novell Compliance Management Platform. Diagram labels: Executive Management; Business Processes (Finance, Manufacturing, Logistics, etc.); IT Services (SIEM/Identity Mgmt/Roles Mgmt/Access Mgmt).

7 Content, Policy and Events Unify Disparate Systems Consulting Partners

8 Problem: The CIO Cannot Provide Business-Relevant Risk Data to the CFO. Toni, CIO. The enterprise is set up with distributed security domains. Issue: Volumes of disparate data make it hard to assess the risk to the enterprise.

9 Convert Raw Data into Information that Provides Full Visibility by Monitoring all events in the enterprise, injecting identity into access events and correlating those to defined business processes and KRIs

10 Integrating Security and Access. Bill, Accounting Manager. The security officer noticed some change in department jobs and wanted to review the activities of John and Bill.

11 Problem: The CIO Wastes Resources on Duplicate Efforts. Toni, CIO. Diagram labels: PCI, SOX, Privacy, …, Information Security, 3rd Party, HIPAA; Line of Business, Corporate, IT; Functional Leads, Compliance Managers, Legal, Audit, Information Security, Service/Arch Leads, Compliance Managers. Enterprise groups demand the same data from IT in separate requests. Issue: Duplication of efforts consumes IT resources and creates inconsistencies for the business.

12 Eliminate Duplication of Controls by mapping controls to defined objectives and processes as well as mapping the process to business owners

13 Problem: The CIO Cannot Sustain Compliance Demands. Toni, CIO. Diagram labels: App Owner; Auditor; User Entitlements & Security Controls; Processes, Roles, Users, Audit (repeated for each system); Mainframe; PeopleSoft HR DB; SOAP; Java App; Exchange Server Site 1, Site 2, Site 3, Site n… The enterprise is structured with siloed security domains. Issue: The sheer volume of disparate processes makes it costly to provide compliance-related data.

14 Contain Compliance Costs through a Sustainable Infrastructure. Automating and enforcing common controls while providing transparency to business processes across the enterprise. Diagram labels: Processes, Users, Roles, Audit; User Entitlements and Security Controls; App Owner; Exchange Server, Mainframe, SOAP, PeopleSoft HR DB, Java App; Auditor.

15 Building the Crucial Bridge Between Strategic Applications. Diagram labels: Strategic Business Applications; IT Systems, IT Infrastructure, IT Processes; Novell Compliance Management Platform extension for SAP environments; SAP BusinessObjects; SAP ERP; SAP NetWeaver; HCM, FIN, OPS; Process Control, Risk Management, Access Control.

16 Novell CMP Logical Architecture. The following Novell solutions have been integrated to form CMP: Sentinel: user activity monitoring and compliance reporting; Identity Manager: user lifecycle management and account provisioning; Access Governance: user access certification and role management; Access Manager: single sign-on for web applications and VPN; Identity Vault: identity and credential repository.

17 Looking Forward. 2007: SAP and Novell deepen a long-standing partnership with a focus on Linux. 2009: CMP becomes the first solution certified with Access Control. 2010: Integration with Process Control, Risk Management.

18 DEMO

19 Real-World Insights

20 Security Focus Areas in 2009. Protecting data assets: Regulatory and contractual obligations; Reducing risk of data breach. Streamlining security and compliance: Addressing fragmented, one-off approaches to compliance with GLBA, SOX, HIPAA, EU Data Protection Directive, PCI DSS and enterprise policies; Risk-rationalized approach to controls and testing, automate manual processes. Securing a changing IT infrastructure: Protect the full range of enterprise IT assets; Support mobility, virtualization, cloud computing and other disruptive changes. Enterprise Risk Management: Managing IT risks within a more comprehensive enterprise framework; IT security and controls as a business enabler.

21 Enterprise Risk Management, Access Risks and Controls

22 Integrated Novell CMP – SAP Solution Conceptual View. Diagram labels: SAP ERP, SAP NetWeaver, SAP GRC Suite; Novell CMP; Enterprise Applications, LoB Applications, IT Applications; IT Systems, IT Infrastructure, IT Processes. 1. Leverage SAP roles in user management and compliance reporting processes across non-SAP environment. 2. Report business-relevant security events to SAP GRC Suite components, extending their breadth of coverage and business value.

23 Integrated Novell-SAP Solution in Deloitte SNet Lab An enterprise solution for managing user access risk and compliance across SAP and broader IT landscapes

24 Novell CMP Component Functionality and Controls Provided. Functionality: Access Governance Suite: Certifying User Access, Managing Roles; Sentinel: Security Event Monitoring & Logging, Compliance Reporting; Access Manager: Managing User Access, AuthN & AuthZ, Audit, Single Sign-On; Identity Manager: Managing Accounts, Assigning Roles, Managing Passwords. Controls Provided: Management reviews user access rights at regular intervals using a formal process; Access to information resources is controlled in a manner consistent with business and security requirements; All users are assigned a unique ID for their personal use only, substantiated via appropriate authentication techniques; Formal procedures to control allocation of access rights to information systems; Interactive password reset.

25 Questions? © SAP 2008 / Page 25 Geoffrey Coulehan, SAP Market Development

26 Contact Information Jay Roxe (jroxe@novell.com) Rick Wagner (rwagner@novell.com) Ranga Bodla (ranga.bodla@sap.com) Eli Fisk (efisk@deloitte.com)

