How did our geofencing and multi-factor authentication solution for SAP help a major pharma company in securing their SAP environment?
The Challenge
In the wake of the pandemic, the lockdown forced companies to work remotely from their homes. Users were forced to use home wifi and shared internet service to connect to their SAP systems, making the endpoints less secure. An intruder can gain access to these endpoints and discover the IP/hostname of the business systems that are critical in order to trigger a remote connection and access these systems.
The objective is to provide a solution that addresses these key requirements, such as enabling geo-fencing for a subset of critical users and setting up two-factor authentication (2FA) or multi-factor authentication (MFA) in SAP.
Our solution
By deploying our SAP Certified solution – UserSentry, ToggleNow added an additional layer of security i.e. multi-factor authentication, in addition to the standard SAP authentication.
How UserSentry helped
to secure SAP environment
User to authenticate with two additional passwords that are sent on email and mobile using the multi-factor authentication (MFA) capability.
Geofence the IDs to log in from specific locations.
Validated users based on other parameters including the terminal ID from which the user is logging in, the Operating system, SAP GUI version, Screen resolution, availability of Anti Virus or Firewall systems, and so on.
Additionally, activities such as dormant ID reviews, and dormant role reviews can be automated where the system automatically deactivates any IDs/roles that are no longer in use.
The system also monitors the critical business data downloads and informs the user and his/her RM on the Data classification and usage guidelines.
The Advantage
- We were able to enable 2FA/MFA i.e. multi-factor authentication within 2 days after implementing UserSentry.
- Geo-fenced the users to particular latitudes and longitudes, and we secured the system by allowing only valid users by using various authentication parameters.
- Revalidate the users with a secondary password every 30 days (KYU process)
- Our client was able to save 40% on L1/L2 costs after automating the dormant ID process in all SAP systems.
- We have implemented controls on critical business data by sending notifications when critical data is being downloaded from the system. The client was also able to track the quantum of data that is being downloaded from the SAP systems.
Get in touch with our expert now!
