If you want to succeed in the digital game, your core business data must be right and available everywhere it's needed, fast. Learn how DDT Hub can help you automate your data management and speed up processes to transform your SAP landscape and solve your business challenges.

Reduce Your Attack Surface
Leveraging attribute-based access control (ABAC), organizations can reduce their amount of accepted risk by applying granular business policies and access controls to strengthen data-level and transaction-level security.
Deploy Dynamic Data Masking
You can dynamically enforce data masking or outright restriction policies on any field in SAP, using real-time contextual policies that balance security and usability.
Reinforce SoD Policies
Applying ABAC to Segregation of Duties (SoD) enables preventative controls. You can avoid SoD breaches while still permitting conflicting roles, and strengthen role-based policies.
Many organizations are forced to manually identify potential SoD violations and enforce rules in hindsight, resulting in processes that require abundant resources and a vast number of man-hours to complete. In addition, auditors must investigate all users that have the potential to commit a violation, in search of actual violations, which forces them to sift through a multitude of false positives. Given the growing volume and complexity of job roles, current approaches are becoming unscalable and costly, and begin to resemble searching for a "needle in a haystack."

// Accelerate their Segregation of Duties

Using a combination of preventative, attribute-based controls and fine-grained analytics, DDT Hub helps SAP customers manage and accelerate their Segregation of Duties. Rather than analyzing and remediating policy violations in hindsight, DDT Hub allows you to stop unauthorised user activity in real time, preventing a potential violation. In addition, fine-grained visibility into actual SoD violations streamlines the data gathering and reporting process and avoids false positives, reducing data review volume by up to +90%.

// Data-Centric SAP SoD Policies

The Dynamic Data Security Platform uses a data-centric approach to enforce SoD controls. Regardless of user roles or existing privileges, the context of access, the transaction value, and the nature of the data determine who gains access to what data and what they can do with it.

// Real-Time Preventive Controls

DDT Hub adds an authorisation layer to SAP GRC Access Control that correlates user, data, and transaction attributes, along with identified SoD conflicts, to block conflicting transactions at runtime.

// Granular SoD Violation Reporting

DDT Hub provides visibility down to the field level of SAP transaction activity. With this fine-grained visibility, DDT Hub Analytics correlates user, data, and transaction attributes, along with identified SoD conflicts, to identify and report on actual SoD violations.

// Key challenges to enforcing Segregation of Duties in SAP

Lack of Visibility
SAP GRC audit logs lack the data and transaction level granularity to filter out false positives. They also lack insight into the context of transactions and require additional effort to assess and remediate SoD violations.

Static Policy Limitations
Access rights and permissions are natively awarded based on user roles. Role-based access controls are rigid and static, posing an all-or-nothing scenario for granting access to users. Without contextual rules and risk-based restrictions, users can freely navigate throughout the applications and execute high-risk transactions.
Over-provisioning
Role-based access controls (RBAC) require organisations to create multiple roles to assign permissions for different job functions and responsibilities. Over time, without regular manual review of roles and timely deprovisioning of privileges, organisations risk a user acquiring unnecessary, excessive privileges – potentially leading to SoD violations.
Manual SoD Controls
Organisations are overly reliant on manual mitigating controls. When a risk cannot be addressed with existing technical controls, someone must gather, review and address any potential violations. This process is slow, diverts time from regular duties, and can lead to violations being missed.
Time-Consuming Audits
With existing capabilities, audit reporting must be done manually and can be time-consuming, as auditors investigate all user activity in search of any actual violations. Moreover, existing logs lack insight into the contextual data that is necessary to assess risks and fraudulent activity. Manual analysis without relevant data is error-prone, unscalable, and increasingly costly.
Compliance
SoD is one of the basic controls over financial transactions and activity within SAP applications. An SoD violation can put organisations in non-compliance with internal governance, as well as external regulatory policies such as the Sarbanes-Oxley Act (SOX). Many regulations impose strict reporting timelines, and traditional periodic audits can potentially slow down compliance efforts.