Controled excessive system access for consultants and sytem administrators
The smartAccess application allows administrators and consultants to access a excessive range of authorization and permissions in the SAP system under special circumstances (emergency, business request, modification), while controlling the risk to the organization posed by this excessive access. The built-in control mechanisms allow to smoothly pass any AUDIT of the SAP system, and enable to perform any necessary maintenance work in the system.
Authorization and access risks under your control. Access free from segregation of duties risks.
smartWorkflow provides full flexibility of workflow configuration in the processes of provisioning user access. The built-in segregation of duties risk matrix allows for a predictive “what if” analysis at the stage of submission and approval of authorization access requests. The system automatically assigns access rights in connected end-systems, and the friendly workflow monitors the process and sends email notifications to its participants.
SoD matrix risk repository and sensitive access
smartSoD is a template access risk repository for segregation of duties risks and sensitive technical access. The library has been developed during security projects delivered for over 12 years for more than 100 customers from various industry and sectors (telecommunication, FMCG, retail, entertainment, production, chemistry, pharma). It works as project accelerator when user access reorganization is required and first project effect are required to be delivered fast. It contains a list of over 125 segregation of duties risks and 50 instances of sensitive access. The application allows to manage the standard content and to introduce modifications from non-standard transactions.
Excessive access and SoD risk control for IT and business users
The smartReport application is an efficient and cost-effective tool for the identification and subsequent elimination of redundant permissions and segregation of duties risks in user access rights. An engine that enables the verification of user rights in terms of access to transactions sensitive from the business and IT perspective. A report system that facilitates work from the business perspective (what the risk is), as well as the technical perspective (how to modify system authorization and technical access rights).
Intelligent risk review. Periodic verification of the state of permissions
The smartReview application allows for an intelligent review of user access and authorizations in various IT systems (SAP ERP, S/4 HANA, HCM, Active Directory, Teradata, Oracle, Billing, Spectrum, IFRS). The main focus in on segregation of duties risks that exists in users system access. The application documents a history of decisions made, and monitors the changes of user access in connected end- systems. It supports the review process by informing the decision-maker which instances of access were used often or rarely.
Building roles and user rights with a preventive SoD analysis
The smartArchitect application enables the creation of user roles and authorization while taking the segregation of duties access risks into account. The workflows built into the tool allow to define a role before it is generated into a developer environment and later a production one. The system works preventively and provides the administrator of roles and user rights with an array of tools useful in the process of building them.
New products planned for 2023 – 2025
Our team is currently working on migrating the entire solution to the Cloud based on sets of so-called “Cloud”. microservices. We are gradually making each function available in the SaaS model. If you would like to see more at about the current status of this work, please feel free to contact us.