I A New Approach to SAP SecurityAs an advanced behavior monitoring & alerting system, ProfileTailor™ Dynamics delivers unprecedented vis-ibility of actual, real-time SAP authorization usage. The system monitors the access and operations of SAP sys-tems, generates detailed dynamic usage profile analy-ses for every internal and external SAP user - and sends alerts about unusual or unacceptable activity, includ-ing risk severity level.

WHY Enterprises NEED ProfileTailor™ Dynamics

The SAP Authorization mechanism is very complex; or-ganizations lack the ability to determine which autho-rizations are used, unused, underused, or duplicated. Security officers often lack sufficient familiarity with SAP in order to properly monitor and control authorizations.

The typical challenges faced are• Organizations want to be able to control Segregation

of Duties (Sod) compliance automatically.• Employees collect new authorizations as they

change roles in the organization; they rarely give up-old authorizations, even if not needed in their new positions.

• A clear licence audit and reconciliation report is not available in order to accurately determine additional licence requirements at negotiation time.

• SAP_ ALL and other privileged user authorizations are often not removed, even when employees’ jobs no longer require this extremely sensitive status.

• Typical SAP users utilize only 7% of their authorizations, opening the door to security breaches and other risks.

• It is critical for enterprises to prevent fraud and leak-age of sensitive information.

• Everyone is aware of the problem, but there has been no easy, fast, reliable way to fix it… until now.

Profile Tailor™ DynamicsDelivers Total Visibility of Real-Time SAP User Behavior - Increases SAP Security - Decreases SAP Costs

Pr o f i l eTa i l o r ™ D y n a m i c s X p a n d s S A P S e c u r i t y a n d C o n t r o l- - - a n d C u t s S A P C o s t s !

www.xpandion.comTel: 1-800-7075144

ProfileTailor™ Dynamics shines a light into the abyss of authorizations, straightens out

the confusion, and makes true security possible - enabling CISOs to do their jobs

quickly, thoro ughly, easily, and, some say - even enjoyably!

Reports

An array of reports, dashboards and alerts give ongoing warnings of unusual or unacceptable activity includ-ing access to high-risk functions. Suspected security breaches are analyzed and scored according to a pre-determined level of severity.Usage reports include the type and frequency of autho-rization access – as well as the discrepancies between allowed and actual usage - enabling smart decisions about permission levels for each user, based on ac-tual activity. Dormant user accounts are automatically locked to reduce the risk of unauthorized access.

Figure 1. Example of Roles granted to a user and actual usage

Figure 2. Real-Time Event Monitoring

Pr o f i l eTa i l o r ™ D y n a m i c s X p a n d s S A P S e c u r i t y a n d C o n t r o l- - - a n d C u t s S A P C o s t s !

www.xpandion.comTel: 1-800-7075144

II Segregation of Duties Made SimpleA special module for Segregation of Duties enables the identification of violations of SoD combinations on both the static level of granting authorizations for users - and on the dynamic level, as a compensating control. The SoD module includes a simulation screen - a “What If“ mechanism - to test whether granting a user an activity or an authorization role will violate one of the SoD rules.

III Automatic SAP AuditingProfileTailor™ Dynamics is a comprehensive solution that delivers continuous auditing based on users’ ac-tual, real-time behavior.

The ProfileTailor™ system:• Requires no special knowledge of IT or SAP.• Automates labour-intensive tasks that were previ-

ously performed manually, such as testing user ac-cess and transactions.

• Provides continuous monitoring.• Improves quality of audits, from sample-based to

comprehensive, continuous monitoring, with real-time alerts about exceptions.

• Enables tests to be performed more often and covering more data.

• Reduces risk of fraud, with consequent increase in security as well as savings

• Reduces the costs of audits

IV SAP License OptimizationProfileTailor™ Dynamics can save on new SAP licenses and enables re-use of unused licenses when expanding.

• Decreases number of SAP Licenses; Examines SAP us-ers according to actual daily usage, enabling elimina-tion or lowering of licenses for users with no - or low – activity.

• Reduces Double License Counts; Identifies and alerts to simultaneous usage by same user from multiple computers, preventing double payments for the same SAP usernames.

• Pinpoints unused SAP licenses and licenses with low usage.

The elimination of authorization “waste“ in SAP systems saves users over15% on total

maintenance fees.

Figure 3. Segregation of Duties

Pr o f i l eTa i l o r ™ D y n a m i c s X p a n d s S A P S e c u r i t y a n d C o n t r o l- - - a n d C u t s S A P C o s t s !

www.xpandion.comTel: 1-800-7075144

Easy to Install and Easy to Use!

ProfileTailor™ Dynamics is an exceptionally intuitive system that requires no special knowledge of SAP, en-abling CISOs who are not SAP experts to secure their enterprises, preventing fraud and leakage of sensitive information.

It is also incredibly easy to install and completely risk-free, as it is external to the SAP server and client and requires no changes in the SAP system. Once installed, the system is accessed via a simple browser-based in-terface. With just a few clicks, key data streams from the SAP system are collected, collated, organized, analyzed, and presented in a clear and readable format.

In a Nutshell!

• Real-time authorization usage transparency• Complete authorization control• Continuous monitoring and alerts about unusual or

unacceptable activity & sensitive transaction execu-tion, including risk severity level

• Continuous monitoring and alerts about Segrega-tion of Duties (SoD) policy violations

• Automatic SAP audit trail• Elimination of redundant authorizations• Major savings on SAP licensing• Reduced SoD/SOX & authorization project costs• Intuitive browser-based interfaces for SAP• Fast, easy and totally non-intrusive installation

ProfileTailor™ Dynamics identifies unused objects, such as authorization profiles and roles, SAP activities, and

SAP programs - dramatically simplifying maintenance and upgrades.

Automation of in-house and outsourced auditing tasks through ProfileTailor™ Dynamics saves up to

30% on external auditor hours - including SAP audits, SoD/SOX

pro jects, and pre-defined risk reports.

Figure 4. Most Used Activities

Figure 5. Monthly Usage Report

Figure 6. Activities usage by Time Interval