http://www.realtimegroup.de
 
http://www.realtimegroup.de Education
  - Fraud Mitigation
  - Password Fishing
  - Technology Movies
http://www.realtimegroup.de Press
  - Press Releases
  - realtime Articles
  - Press Kits
http://www.realtimegroup.de Events
http://www.realtimegroup.de Jobs
  - Job Offers
  - Application Form
http://www.realtimegroup.de Online Demo
http://www.realtimegroup.de Contact


aa
http://www.realtimegroup.de
Sitemap
Copyright
 

 


 

.

5 Levels of Protection within the SAP System

control authorization access - protect individual transactions - lock info types - mask fields

Scroll down for detailed info

 

 

 

 

5 Level Protection

For the first time, SAP users can uniquely identify the actual user and reject unauthorized users based on their biometric credentials. bioLock is the only SAP certified biometric technology that can offer your company 5 levels of protection within the SAP system:

  • Level I    - SAP Logon

  • Level II   - Transactions

  • Level III  - Fields and Infotypes

  • Level IV  - Field Values

  • Level V   - Dual Confirmation

 

Protect your companies most valuable assets 'the right way'!

 

 

bioLock configuration

As a first step, realtime enables the SAP logon protection and defines if the customer would like this function to be protected 'globally' (for all Users in the SAP system) or just for a selected group of power users. For the 'logon' it is generally recommended to protect only individual power users so their SAP User Profiles with extended authorizations are secured from unauthorized Access. 

Then, realtime will work with your team to show them how to put the 'bioLock door lock' into individual functions, fields, user exits, buttons, etc. The process is straight forward and can easily be repeated by any developer in collaboration with a SAP security lead.  Once a 'bioLock door lock' is implemented, a unique ID which than refers to the bioLock system, is assigned to this door lock . In the bioLock transaction the technology now controls the detailed settings of the biometric door lock:

 

  • 'bioLock door lock' is protected for all users or just selected users 

  • Fingerprint or a smart card or both is required to enter

  • Successful entry or a rejected attempt is logged in the log file

  • Dual authentication will be necessary

  • VIP Access can narrow access even further down

  • Individual access can be defined for each user and function

 

 

 

User enrolment and assignment

To Enroll a user in bioLock, open the bioLock Administration, type the users name and ask the user to put the finger of the sensor 3 times. A biometric template will be created. We recommend to 'name' the bioLock user name (biometric template/ID) the same as the SAP User name. In this case the biometric template will automatically be assigned to the SAP User. The users could be at a remote location when enrolling the template. We can assign multiple biometric user IDs to one SAP User name. The biometric template of the executive assistant could be assigned to the SAP profile of the Executive; but only authorized users can work using the executive SAP profile and they will always be uniquely identified using biometrics. At the Polk County School District, assistants are authorized to use the principals' user IDs and passwords. One assistant abused her access to assign herself significant overtime on behalf of the principal. bioLock can be configured to allow the assistants to sign on as the principal. Further, they can execute certain functions that are protected with bioLock. However, the overtime transaction is protected on the VIP level and only principals are allowed to execute that transaction.

This functionality also solves the well known challenge of multiple people using one computer and never changing the SAP user (for example in a production environment, health care, bank teller or any larger departments).  With bioLock, a generic SAP User could be established (like 'Production Floor One') and 10 different biometric templates will be assigned to this profile. These 10 Users can work with the same profile all day without logging off and critical tasks will be uniquely identified via biometrics. It is the ultimate solution where 'Fast User Switching' is required. Download our 'warehouse case study' for more information (pdf

For very critical tasks, the system can be set up so that 2 different users have to authorize the function with biometrics (like two signatures on a check). We can protect the function with biometrics or smart card or both, if a dual authentication is required. Every authorization or rejection is clearly logged in the bioLock log file that can be conveniently backed up every night or emailed to the supervisor. Color coding and filter make it very easy to see, who did what and when in the SAP system and even more important, who was denied trying to access critical functions. Refer to the  'How bioLock Works' section for more details and screen shoots. 

 

 

SAP Certified and easy to implement

bioLock is the first and only SAP certified biometric technology  (4.6/4.7 and NetWeaver certified)  that is truly integrated within SAP. bioLock is installed in our own '/realtime' namespace via SAP transports. The technology 'sits' on top of your existing security and will not change your SAP User roles. Installation and training only takes a few days and since the use is very intuitive, no training is required for the end user. Most customers are fully up and running in a few weeks. 

 

 

The advantage of using bioLock

While access control solutions attempt to control the access to entire computer systems or applications for all users, bioLock reverses this old and outdated security concept. bioLock protects the critical information on the transaction or data level and 'invites' selected power users based on their biometric credentials to access the protected functions or data. All other employees, or intruders, will not be able to access them since their biometric template does not authorize them. For the first time, you will be able to 'guarantee' the CEO that only the CFO can change the critical financial statements, not everybody that can get a hold of his or her password!

Sarbanes-Oxley Section 404 requires that companies develop strong internal controls to prevent and detect fraud. With over 20 ways to get access to passwords, fraud prevention cannot be accomplished. bioLock offers Internal Control and Audit departments, not only the ability to prevent unauthorized access on all levels, but also to prove, who did what and when within the SAP system. bioLock was developed to secure SAP users in critical organizations like the government, financial institutions, insurance companies, healthcare and utilities. It is also used to protect critical departments such as Finance, HR, IT, Production, Management and other selected employees handling sensitive data to protect any company from fraud and help them to comply with mandatory regulations. 

Employees can be enrolled in seconds and the management always knows who accessed critical information or who was denied trying to do critical tasks without permission in the SAP system. Independently from the SAP user who 'signed in', bioLock will uniquely identify the actual user based on biometrics and log his or her sensitive activities all the way down to the field or object level. The information is kept in the SAP log file or in bioLock’s independent log file and can be viewed, stored or emailed to the supervisor. Auditors can now prove which person looked at the balance sheet, changed the purchase order, checked for social security numbers or did that $1 million wire transfer to a foreign country. Most important, once a critical function within SAP is logged down with bioLock, the technology will only allow assign users with enrolled biometric templates to execute that function (by invitation only). Others; like hackers, disgruntled employees or even administrator with SAP* (SAP ALL) will not be able to execute.

 

bioLock in practice

bioLock on the SAP HCM Booth at Sapphire

 
At SAP:

SAP has been a strong promoter of the bioLock solution and has presented the system on their Homeland Security booth for multiple years at Sapphire. At the most recent conferences, bioLock was also presented at the SAP Financial and HR Pavilion. 

Many SAP SE's, AE's and executives are equipped with biometric devices, such as our own bioLock mouse (link) and demo the bioLock technology. Ask your SAP representative about a demo!

 

 

 

At Brevard County:

Brevard County Government - home to NASA and Kennedy Space Center - won the prestigious Infoworld 100 award in 2003 protecting critical HR functions to comply with HIPAA.  

In 2005 SAP TV made a movie about the bioLock technology that was filmed in Brevard County at the Emergency Operations Center and at the Kennedy Space Center. We would like to invite you to view this great movie about bioLock (link).

 

Pete Gunn, Director of Safety and Security at NASA
together with Thomas Neudenberger, realtime

 

 

 

 

Abdussalam Taguri, The School’s CIO

 
At the Polk School District:

SAP announced at Sapphire 2007, that the Polk County School District, Florida has installed bioLock to protect their principal's user ID's and HR information to comply with mandatory regulations. Please see the press release as HTML or PDF version. 

The Polk School District also presented at multiple SAP conferences, why they replaced outdated passwords with biometrics and told the audience a true story how they became a fraud victim. You can view the educational presentation on the ASUG website or download it here (ppt). 

 

 

 

 

bioLock is compatible with most biometric devices and laptops

View a list of bioLock compatible devices and laptops (link)

realtime has integrated one of the word's leading BioIDENTICA® SDK which guarantees proven top-class fingerprint recognition performance. It was developed by the former CIO of Siemens Biometrics and is compatible with most leading fingerprint sensor manufacturer's. As a result, bioLock works with over 80 laptops (with build in fingerprint sensors) and over 50 individual biometric USB devices. 

Cherry Electrical Products is market leader for biometric enabled keyboards that can also be combined with smart cards for dual authentication (supported by bioLock). Cherry also offers the Cherry ID Mouse with a touch sensor on top of the mouse. A low cost USB device from UPEK called the Eikon features a swipe sensor build into a modern desktop device. The same swipe sensor is also implemented in many laptops. 

While the swipe sensor works fine, realtime would recommend choosing a device with a touch sensor to increase the positive user experience, if the customer has the option. Zvetco Biometrics offers a very elegant and durable USB device with a touch sensor called the P5000. 

 The Hamster product line from SecuGen, which is FBI approved, FIPS 201 and PIV compliant. We also launched our own bioLock mouse with an optical sensor, conveniently located, where your thumb rests - powered by Secugen (link).

 

 

Cherry Keyboard with sensor and smart card

 

 

 

Cherry ID Mouse

SecuGen Hamster

Leading Laptop Manufacturers

Zvetco P5000

              bioLock Mouse

© realtime North America Inc., Tampa/Florida. All Rights Reserved.

http://www.realtimegroup.de
NBC/Channel 8 News:
Crime Tracker (link)
News Anchor Krista Klaus visits realtime to discuss the danger of using passwords
Tamba Bay News:
Tampa Bay Online reports about realtime and passwods (link)
Article about realtime including an interview with Director of Security for Space Florida
Press Release:
Purdue Pharma - Zvetco - realtime (PDF)
Purdue Pharma installs bioLock to secure critical financial applications
TechEd 2009 Phoenix
Oct. 13-16 Session ID # SIM206 (link)
bioLock Presentation: Enhance SAP Security with biometric Authentication
Biometric Consortium Conference 2009 Tampa
Sep. 22-24 with Partner Zvetco Biometrics (link)
Visit us with our partner Zvetco at Booth 502 to see a bioLock demo
ASUG Houston
Aug. 20th at Houston Baptist University (link)
Presentations with partner TK Consultants
ASUG 2009 Brazil
Aug. 8, Room Ilhuca (link)
Presentations with partner Opensis
Sapphire 2009 Orlando
May. 11-14 at Dolphin Booth # 327 (link)
Visit us at our partner, Dolphin Corporation
GRC 2009 Las Vegas
Mar. 17-20 in Las Vegas Booth # 160 (link)
Visit realtime's booth for a chance to win a biometric mouse
SAP Info Article highlights bioLock!
Biometric Security for Financial Meltdown Solutions: (link)
The article highlights bioLock 10 times as a solution to secure SAP Financials
eWeek Article
Read over 8000 times:(link)
How Wallstreet Can Mitigate Financial Fraud Using Biometric Authentication
The new bioLock Mouse powered by SecuGen(link)
This special edition Secugen device was created for SAP employees, but is also available for bioLock customers
SAP Tech Tour, Mexico(link)
At the 22nd July 2008 realtime Mexico exhibits at the Nikko Hotel
realtime welcomes
Delta Consulting
as new partner
Delta Consulting has a strong SAP customer base and educates them through frequent WebEx sessions about bioLock