“With the implementation of this solution, the client has graduated from the obsolete world of passwords to a far more controlled environment of biometric identity management. The client has a far better understanding of when and how each user had access to their SAP system. The project has been a complete success.”
Juan Manuel Rangel Palacios
Sr. Manager, IT Advisory KPMG Cardenas Dosal, S.C.
KPMG was retained by a manufacturing client (division of a multi-national firm) to identify and implement upgraded security for its SAP ECC6 installation. The solution had to cover many locations and a substantial SAP user group. KPMG recommended that a major change, using SAP-centric biometric identity management, was the best course to follow.
The most important first step in securing an SAP installation is to take control of perimeter access. Username/password combinations alone do not provide identity management – only biometric authentication can do that. As a baseline, all current employees with SAP access are enrolled biometrically, effectively stepping up security to a mandatory 2-factor process. The abuse or sharing of passwords, whether voluntary or covert, is thereby alleviated, as each perimeter access transaction becomes a logged event, indisputably identifying the actual user.
Rapid business growth
Many warehouse and office locations over a large geographical area
Workforce not necessarily tied to a specific location
Know who has access to SAP
Provide robust audit trail of users’ access to SAP
Prevent unauthorized access
Achieve 100% SAP perimeter access control
Create indisputable user accountability
Enroll all authorized users with biometric profiles, regardless of SAP function
Require biometric access control at every log-on
Maintain audit log, including failed attempts, for analysis
Challenges to increase SAP security and accountability:
Mandatory biometric identity management for 1,000 users at multiple locations
Biometrically secure access to SAP log-on for all users on PCs and laptops via direct access or VPN
Key Business Outcomes
True identity management for all employees, with 100% flexibility of workplace rotation
Tamper-proof audit trail in effect
Future option includes biometric access for non-employees such