CSI tools:Streamlining SAP Roles Using Cockpit

Johan Hermans, Founder and CEO
Johan Hermans, Founder and CEO of CSI tools explains that the SAP security projects consume enormous budgets without really improving the security, due to misunderstanding of the SAP security basics and SAP authorizations. Scores of security administrators do not know the actual number of transaction codes and authorization objects that exist in an SAP system. “Most people think that they can protect SAP systems by removing and assigning transaction codes to users,” says Hermans. The reality, however, is completely different. Only the authorization objects assigned to a user gives them the permission to access the data, regardless of the user’s ability to execute the transaction.

“Devoid of going into the details how SAP security really works, everybody understands that if security administrators, auditors, and internal control teams do not understand the basics of the two core elements of SAP security, they will never be able to optimize it,” notes Her¬mans. Even the early versions of SAP systems did not have security checks for starting a transaction code. Setting-up security was complex because the security administrator had to think and develop security with a complete insight and understanding of the authorizations. CSI tools appears in the picture to tackle the obstacles for the concerned sector—a company that develops dynamic analytics tools to deliver intelligence from and to decisions taken in access governance for SAP environments. The company’s unique cockpit and engine provide in¬sights into real vulnerabilities, streamlining SAP roles and then delivers practical solutions to improve risk/security posture, like automated role building and reverse engineering.

The company has kept pace with the evolving market, releasing an entirely new complete and mature GRC solution for SAP environments in 2014: CSI tools 2014 is designed to address all GRC needs, with supporting rule sets, frameworks, options to automate tasks and change requests and dashboards. By checking multiple layers of SAP authorizations, CSI tools ensures that Segregation of Duty (SoD) conflicts through accumulation of access rights are discovered.
CSI tools is also used to find and correct errors in GRC rule sets. The products are designed to help companies get and remain compliant in all areas.

CSI Authorization Auditor 2014 is the audit and monitoring application for security concepts in SAP environments. It takes a snapshot of the SAP system to gain an insight into the past or current authorization setup of the concerned system. It reveals weaknesses in customer’s authorization concept, and helps identify undesired authorizations, accumulation of access rights, unsecured back doors and cross-system segregation of duties. CSI Role Build & Manage (CSI RBM) is used to maintain and manage the SAP security concept in an efficient and effective way with features like automated role building. CSI Automated Request Engine (CSI ARE) processes user and role access requests and has integrated SoD checks to prevent unwanted access in the access requests. Tasks can be automated and scheduled using CSI Integrate & Collaborate (CSI IC). CSI Emergency Request (CSI ER) is an automated emergency procedure with firefighter capabilities to mitigate the risk and allows a timely response of the intervention team, to provide broad access to a SAP system with full evidence logging. CSI ER also provides functionality to log and monitor the access (display and/or update) to SAP HRM Infotypes.


Our cockpit and engine provide insights into real vulnerabilities, streamlining SAP roles and then delivers practical solutions to improve risk and security posture


Going forward, CSI tools wants to improve the SAP request procedures to manage security in a better way. Preventing unwanted access and SoD conflicts instead of monitoring and solving them is much more efficient way to set up SAP security.” concludes Hermans.

Company
CSI tools

Headquarters
Herent, Belgium

Management
Johan Hermans, Founder and CEO

Description
Develops dynamic analytics tools to deliver intelligence from and to decisions taken in access governance for SAP environments.

Whitepapers of CSI Tools