Talia Security (Talia) is a company that specializes in the development of software solutions for SAP security management.
Talia developed Security Analyzer (SA), a product that is available in version 3.0.
SA implements all the fundamental entities that constitute the security of the SAP system:
What is it needed for?
SA is a software solution that enables you to control the management of users and the profiling of SAP systems. It is possible to analyze the system off-line via the download of the main SAP Security tables and the usage statistics of users. This allows you to:
- Document the system’s health status with respect to the SAP guidelines
- Create specific checks to verify that the “Security Concept”, adopted by the company, is kept intact
- Document and share user profiling with the business representatives
- Carry out a risk analysis, in particular of segregation of duties (SOD) risks, which may result from incorrect authorization assignments
- Carry out preventive SOD analyses in the user management process
- Speed up user and role management, carried out through RFC via the interface provided by the standard SAP BAPIs
- Search for the best roles for users, based on their usage statistics
- Verify the impact on users of removing transactions from roles
- Facilitate the licensing management of SAP users
Why is it a new product?
SA is needed because most of the other products on the market are mainly for auditors. Those who manage SAP authorizations and users didn’t have, up until now, a specific product capable of helping them with their daily tasks.
Furthermore, Security Analyzer does not require high-performance hardware to carry out the analysis (a simple notebook is sufficient) and it does not need any previous knowledge to be used.
The main problem with SAP profiling is that business representatives often find it difficult to understand how the roles were previously established and, in particular, what activities they authorize. SA is the link between the experts (engineers) and the business employees, creating a common language in conventional and encoded reports.
In many projects, when Segregation of Duties (SOD) is implemented, a report is produced (often with millions of lines) that lists the users’ violations. The personnel who manage authorizations must then modify a user’s authorizations to eliminate the violations without interfering with other users. This matters because the logic behind role profiling (RBAC – role-based access control) envisages that a role covering the same set of transactions is assigned to multiple users. Specific SA simulation functions make it possible to drastically reduce remediation times.
SA’s strong points
- It’s a specific product for those who manage SAP authorizations
- Expensive hardware isn’t needed; a notebook is sufficient
- It can be installed in just a few hours and does not require a complex and costly project
- It’s based on a client-server architecture and connects to the main DBMS found on the market
- It carries out cross-referencing between the authorizations and the user statistics to meet the objective of the “need to know” principle
- It performs SOD analyses, based on authorization objects, with very limited processing times
- It generates over 250 reports
- It enables you to create queries, in visual mode, to reply to any questions on users and authorizations
- It has a very powerful graphical interface and allows you to manage pivot tables directly from the program without having to use Excel
- It reduces the analysis time for new authorization requests
- It allows you to build preventive SOD analyses by providing a web service that can be used by Identity and Access Management (IAM) solutions
- It optimizes the SAP license costs
- It’s multilingual: Italian, English, German, French, Spanish, Portuguese
Who it’s for
- SAP Security Manager
- SAP Systems
- SAP application consultants
- Human Resources personnel (HR)
- Process owners
- Key Users
- Role owners