Bio Lock Exec 110329
description
Transcript of Bio Lock Exec 110329
The only SAPThe only SAP®®-certified fingerprint authentication, -certified fingerprint authentication,
identity and risk management for SAPidentity and risk management for SAP®® systems systems
Bulletproof SAP® security at your fingertips!
Executive Overview
© 2011 realtime North America Inc., Tampa, FL. All Rights Reserved.
Founded in 1986 by former SAP® managers
Certified software, services & special expertise partner
Specializing in governance, risk and compliance (GRC)
Serving many industry sectors including food,
pharmaceutical, chemical, automotive, aerospace,
defense, engineering, government and more
Flagship software product, certified by SAP® since 2002
is
Bulletproof SAP® security at your fingertips!
Who is realtime?
Selected realtime clients
3M, AIRBUS, Alcan, BASF IT Services B.V., Bayer,
Bayer CropScience, Brevard County Government,
California State University, Campbell's,
GlaxoSmithKline, Harman Kardon Music Group,
Krupp Bilstein, Linde, Loewe Opta, Marathon Oil, Océ
Document Technologies, Polk County School District,
Purdue Pharma, Siemens, ThyssenKrupp Michigan,
Toyota, United States Army…
Over 200 global clients served!
What were these users looking for?
was developed to provide these
benefits demanded by users:
Dramatically increase SAP® security capabilities
Manage user identities via indisputable biometrics
Control access to functions down to the field level
Enforce true Segregation of Duties (SoD)
Ensure meaningful compliance with:
Sarbanes-Oxley, HIPAA, ITAR and more
Is your system bulletproof?
Standard Version
+
Bulletproof Version Bulletproof Protection
Standard Protection
According to the ACFE’s 2010 Report to the Nations on
Occupational Fraud and Abuse , based on global data, organizations lose about 5% of annual revenue to fraud. Insider schemes can go undetected for years, frequently involve first-time offenders.
Ref: Association of Certified Fraud Examiners www.acfe.com
#1 Risk: Fraud is a growth industry
Risk of Financial Fraud?
HIPAA Compliance?
Sarbanes-Oxley (Section 404)?
ITAR?
Industrial Espionage?
Other regulations?
Are you concerned about…
Decline in stock price?
How would an incident affect you?
Financial loss?
Negative publicity?
Lawsuits?
Loss of intellectual property?
“What you have”,e.g. CAC card, smart card:
3 types of security protection
“Who you are”,
e.g. fingerprint scan:
“What you know”,
i.e. password or PIN:
Biometric technology offers the highest
security
Fingerprint Scan = Maximum Security
Are you still relying on this?Are you still relying on this?
User password SAP® Software
Passwords are often written down, borrowed or stolen.
Provide “perimeter” security but no additional layers!
Traditional SAP® log-on process uses passwords
How to Bulletproof your system:How to Bulletproof your system:
Upgrade SAP® user profiles with fingerprint scans
Users are prompted as shown when performing critical functions
Fingerprint scans prove conclusively who users are - while protecting their privacy!
SAP® SoftwareEncrypted scanUser’s fingerprint
X
What devices can verify user identity?What devices can verify user identity?
Plus one of these… (optional)
+
Potential Future Development
bioLock is compatible with over 80 laptops (with built-in fingerprint sensor) and over 50 independent devices like mice, keyboards, or PCMCIA Cards.
is hardware independentis hardware independent
Cherry ID Mouse
Convenient Touch Sensor
bioLock ID Mouse
Powered by Secugen
Leading Laptops
23% have Swipe Sensors
Secugen Hamster
FIPS 201 Compliant
UPEK Eikon
Low-cost Device Cherry Keyboard
Smart Card Option
Zvetco P5000
High End Device
SAP® log-on & system access withlog-on & system access with
Logon authorized
Logon blocked
Logon bioLock checks authentication rules
bioLockuser/
function
bioLock prompts you for fingerprint
Fingerprint comparison with table
bioLocktemplates
bioLock identifies unique points (minutiae) within a fingerprint and creates an encrypted, digital template
– no images of fingerprints are ever stored!
Note:
Perimeter Security - Level I
Transactions – Level II
Fields - Level III
bioLock can control all 5 Levels
using fingerprint scans!
Bulletproof security requires 5 LevelsBulletproof security requires 5 Levels
Financial Limits – Level IV
Dual Approval – Level V
Log-on to a Profile (e.g. Admin)
Transactions (e.g. HR / PO / Finance)
Infotypes (e.g. 008/167 etc.)
Buttons (e.g. Print / Export / Execute)
Display (e.g. Balance Sheet)
Execute (e.g. prevent execution of anything…)
Tables within SE16/SE16NPrograms within SE38Values (e.g. wire transfer over a certain amount)
Screens (e.g. export control / ITAR )
Dual AuthenticationMask Fields (e.g. make data invisible)
Example – Masking Field Data:
Multiple Control Points per UserMultiple Control Points per User
Unaffected by SAP® versions or upgrades
Existing SAP® passwords and authorizations are unchanged
Compatible with all SAP® versions from 4.x onward
Profiles are 100% customizable on a user-by-user basis
Roll-out timetable is entirely controlled by you.
You decide what aspect of your system needs to be protected and how stringently!
- Seamless Integration
Bulletproof bioLock Security
User selects the transaction “ME21N” to create a purchase order
NOTE: This could be virtually any R/3 transaction such as SE16 or SE38
User is prompted for a fingerprint scan to
complete the activity (Security Level II)
Example – what a user sees…
Log FileEnhanced activity logging
Sorted by error / threat category
Audit trail is greatly enhanced Example: Unauthorized attempt to log on with another user’s Password
SAP USER profile…
…and the REAL USER as identified by fingerprint
Sample Success Stories - Sample Success Stories - Achieve compliance with HIPAA by protecting private employee / HR information
Ensure proper approvals for purchasing by automating workflow with external browser access for senior executives
International bank prevents fraud with dual authentication and strong financial controls, masking data from unauthorized viewing
School Board prevents payroll and personal expense fraud which went undetected for years
European power plant protects all purchase orders and workflow for several thousand users
Benefits of Benefits of Installation and configuration of bioLock is very rapid.
Training requirements are minimal.
Impact on users and IT support staff is low, both during installation and in use. Only “power users” are involved.
Ongoing compatibility with different SAP® versions is assured.
In a very short time, you can start enjoying benefits such as:1. Dramatically increased SAP® security capabilities2. Manage users’ identities via indisputable biometrics3. Control access to functions down to the field level4. Enforce true Segregation of Duties (SoD)5. Attain meaningful compliance with SOX, HIPAA & ITAR
A starter package could cost less than a single fraud incident.
realtime North America, Inc.WORLD TRADE CENTER
1101 Channelside Drive, Tampa, FL 33602T: 813-283-0070 F: 813-283-0071 Email: [email protected]
Web: www.bioLock.us
Martin LumDirector of Business Development, Northeast
813-310-7007
Please contact us for a demonstration Please contact us for a demonstration or pilot installation:or pilot installation:
1-877-bioLock [email protected]