The reduction of the access rights of IT department is a priority often pointed out by auditors!
But their activities require the implementation of an emergency response procedure with extended accesses to SAP systems.
PAM SWAWE Solution: How it works
The emergency user management module in SWAWE makes it possible to customize and control this process in a secure way and above all, to provide comprehensive reporting capabilities of these interventions for optimal control.
With or without the implementation of a review and approval workflow, SWAWE can meet the needs of IT users and auditor requests.
While staying connected with their usual SAP user (and therefore keeping favorites, default settings and without changing sessions).
A PAM process under control
A first check is carried out when proposing the extended roles to the superuser requester. This role limitation is defined according to the organization to which the applicant is attached.
Then, to further secure this process, you can set up a validation workflow by a manager.
All actions performed through the superuser are traced, historized and auditable.
Reports and graphs make it possible to have a synthetic vision on the use of the super-user: who used it? What transactions were executed? Which information have changed? Period of use? How many times?
Continuous control of access to privileged accounts
All tasks related to the use of the super-user are stored in SWAWE. These are therefore auditable and we can find the name of the participant, the purpose of his request, the name of the validator, the transactions actually executed and the modified data. Reports and dashboards provide a synthetic view of the number of requests, who uses them, the transactions executed...
Main features of the PAM SWAWE solution:
Customizable reports and dashboards
SWAWE has been designed to offer customizable reports and/or dashboards to meet the needs of the IT department, internal control, financial management, audits. In the context of the use of the superuser, we can build graphs on the transactions executed by stakeholder, on the frequency of use, on the execution of very sensitive transactions.
Access to logs
All tasks related to the usage of the superuser are stored in SWAWE.
These are therefore auditable and you can find all the useful information, such as the transactions actually used and the modified parts. Moreover, it is also possible to compare the needs indicated in the ticket by the performer and the transactions actually executed.