• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Novis Euforia

Novis Euforia

Un nuevo proyecto
 con más de 20 años de experiencia en tecnología SAP

  • Home
  • About Novis
  • Services
    • S4 Conversion
    • Suite On Hana
    • Landscape Transformation
    • Cloud Adoption & Operations
    • SAP Licensing
    • SAP BTP
    • SAP DevOps
    • Cybersecurity for SAP
    • SAP Managed Services
  • Solutions
    • Chameleon – Multicloud ArchiveLink
    • euKaria – SAP Security Automation
    • euGenie – RPA for automating IT tasks and resolving SAP incidents
  • News
  • Contact
  • Español

euKaria – Inadequate management of roles in SAP and its solution

euKaria. Automating the Re-engineering of Roles in SAP Systems and detecting patterns of use to automatically define position types and segregate duties based on risk matrixes.

The problem of inadequate management of roles in SAP

In a SAP system, and due to inadequate management of roles, situations arise that reduce the efficiency and increase the entropy of the security system. For example, users that are assigned roles with more duties than those necessary, others that are assigned roles as a copy of existing users, without analysing whether there is an excess of permissions in this set of authorisations.

It is also common for a user to change jobs within the organisation, and on doing so they are assigned roles for that new duty, yet still having access to the previous ones, thus accumulating authorisations which are often incompatible. Another common case is the creation of roles which are very similar to other existing roles to which modifications of little importance are added. 

These are just some examples of inadequate management of authorisations and roles in SAP. These errors, throughout the years of existence of a SAP system and with a normal number of users, causes entropy in the system of authorisations to multiply geometrically and even exponentially to a point when it becomes difficult to find or manage the initial roles, and new roles are created by mistake, new roles that are similar to existing ones, which makes the problem even worse. 

The consequences of inadequate management of roles in SAP

As a result of this situation it is no longer possible to guarantee an adequate security system in which company data is effectively protected, in addition you may be failing to abide to corporate policy or even the law by failing to adequately protect critical data such as individual and corporate data included in the SAP database, whose management is contemplated by the GDPR.

The solution: euKaria

The only way to revert this situation is to carry out a re-engineering of roles. When we are dealing with thousands of users and hundreds of thousands of roles, undertaking a re-engineering project manually is not feasible. But let’s see how we can go about it safely and in record time thanks to adequate tools.

The prime aim in re-engineering roles is to re-establish a manageable system, one that is limited and controlled, based on position types but, how do we identify these position types in a disorganised array of hundreds of thousands of roles and users? 

Novis Euforia’s euKaria solution is capable of resolving the problem in just five stages.

Stages in resolving inadequate management of roles in SAP with euKaria

  1. Firstly: Automatically obtaining information relative to the system’s structure of roles and users by means of an installable extractor, with the option of data anonymity.  
  2. In the second stage, an analysis of the users is carried out by means of artificial intelligence, in order to find patterns that are not evident to the human eye, and to group users in a limited set of position types.
  3. Stage three, with the automatic creation of a graph database that generates a logical outline of relationships between entities: users, roles, authorisations and duties. Once this logical outline is created, euKaria compares the results with the segregation of duties matrix and detects those roles that contain duties that are incompatible. Likewise, critical duties, or wrongly assigned duties are identified, for example system administrator duties in end user roles, or on the other hand, access to business data by technical users. 
  4. In the fourth stage, once the position types are identified and their duties are segregated, euKaria generates a complete outline of roles and authorisations that can be imported directly into a system, or used as a guide to carry out a re-engineering of roles.  
  5. Finally, the solution allows for continual controls to detect changes that do not comply with the current segregation of duties, with the philosophy known as «get clean/stay clean».

euKaria is a unique SAP security solution on the market. Using mathematical algorithms, and a scientific application of new technologies, it has turned the costly process of carrying out a re-engineering of roles into an automatable project that saves time, expenses and worry. 

Do you want to find out more about EUKARIA? Get in touch with Novis Euforia by filling out the following form and we can talk. 

Contact us

We can have a chat whenever you like, a phone call or a meeting in person. Just leave us your details.

  • This field is for validation purposes and should be left unchanged.

Primary Sidebar

News

  • Monitoring SAP Google Cloud

    Monitoring your SAP HANA system on Google Cloud Platform (GCP)

  • Cloud ALM

    Cloud ALM – SAP BTP Monitoring

  • Reducing costs in SAP licensing

    Reducing costs in SAP licensing

Footer

Novis Euforia

Calle de Martínez Villergas, 49, Edificio V, Planta 1, 28027 Madrid

CONTACT US

Newsletter

We create high-value content in the field of SAP. Would you like to receive it?

SUBSCRIBE

Social media

  • Facebook
  • LinkedIn
  • Twitter
  • Privacy Policy
  • Cookies Policy

Copyright Novis Euforia 2022

We use cookies to enhance your experience on our website. If you wish you may consult our cookies policy. ACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT
Subscribe to our newsletter

We offer best quality SAP content.