Saviynt: Fine-Grained Access Management

CIO VendorAmit Saha, COO
With the ongoing Big Data, Cloud and BYOD proliferation, enterprises need to look beyond traditional security and IAM technologies to secure their critical assets. Organizations are reluctant to adopt these new technologies due to perceived threat of data leakage, lack of adequate access control and visibility to activity. Saviynt provides sophisticated access control and fine-grained application security management necessary to safeguard sensitive information on Enterprise, Cloud and Big Data platforms. Led by information security veteran Sachin Nayyar, CEO, Saviynt combines security controls with usage analytics to the application layer, resulting in better management of privileges. Headquartered in Los Angeles, the company’s intellectual property of access templates and controls are targeted at SAP, SAP HANA, Epic, Oracle,, Office 365 / Azure, Workday and several other applications that help radically bring down typical security implementation and management effort.

"Our solution is plug-n-play. Customers can run a complete security health check to get recommendations on a pre-integrated application in 4 hours"

Fundamentally focused on application security, Saviynt team has built deep integration with key applications on premise and on the cloud where customers store critical information. In addition, the company also provides the ability to integrate with custom applications. Saviynt solution provides the following capabilities:

• Visibility into ‘Who has access to what’ at the file or the lowest entitlement level
• Visibility into ‘Who is doing what’ by importing activity logs from the application
• Out of box IT Security, Segregation of Duty and Process Controls rule book with rules mapped to application entitlements and usage
• Out of box mapping of high privilege access and activities• Recommendation and actionable remediation capability
• Application role engineering and provisioning based on fine grained access and usage
• On-going Role Life-cycle Management including simulation and versioning
• State-of-the-art web and mobile enabled access request and attestation system“Our solution is plug and play.
A customer can run a complete security health check and get recommendations on one of our integrated applications in 4 hours and in 2-3 days on a custom application,” said Amit Saha, COO of Saviynt.
SAP Business Applications and SAP HANA are key enterprise applications that the Saviynt team is focused on. SAP HANA’s adoption is increasing at a very fast pace. “Companies need to understand SAP HANA poses a very different set of challenges when it comes to security,” said Atul Vij, CTO of Saviynt. SAP’s recommended architecture includes creating an account for every user in the HANA DB; so unlike other databases which mostly deal with service accounts, SAP HANA acts like an application with all user accounts and their authorizations. Companies are planning on putting some of their most critical data in SAP HANA including sales, customer and financial data. A security administrator today lacks capabilities to mine and design roles as more sources of data are added to HANA DB or to easily look at access and activity from a people, application and resource perspective to ensure that it is according to the company business policy. Saviynt is solving all of these issues by providing a security platform that seamlessly integrates with SAP HANA and enables Access and Usage Analysis, provides ability to write business / security rules, mine / design roles and privileges and conduct continuous monitoring based on those rules. Saviynt’s solution can be seamlessly extended to other critical cloud and Big Data platforms such as Hadoop, Azure, Office365, etc.

As organizations continue their transition to cloud, Saha is determined to make Saviynt their one-stop-shop for all the fine-grained application security, risk and compliance controls needs. Saviynt is focused on increasing the security management efficiency for all the critical infrastructure including data centers, SCADA systems and cloud applications by developing the right set of implementable control libraries for varied applications and verticals.


Amit Saha, COO

A provider of simple, fast and cost effective solutions for enterprises to manage the security of their critical applications