| A
quick overview about bioLock's extensive functionalities:
Please
note that we can only give you a quick general overview on this website. Please
give us the opportunity to present to your security team over the Internet at
your convenience and we would be glad to share more details. Contact us
to chat or schedule an online presentation (email) |
 |
The
"Log On" to one or many SAP systems:
PLEASE
NOTE:
This is were all other
biometric, single sign on or access control solutions STOP...
...bioLock's functionality
just gets STARTED!
Open
the bioLock Single Sign On (upper window below) and select one of your SAP systems or any other
system or network environment (NON SAP). You will be asked to put the finger on the sensor
or insert your smart card and the
application will be launched. If you have selected an SAP system the SAP system
will be launched. The normal SAP Logon Screen will be skipped and no log on and
password will be necessary. This convenient step is optional and many users
still prefer to use the SAP GUI Logon. In this case the would put in their
logon and password and than re-confirm (SAP ID Check) their identity via
biometrics.
Enrollment
takes seconds:
The
enrollment of a user takes seconds. Just enter the name (preferably the same as
the SAP User name), select the finger and put THAT finger on the sensor
3 times. All 10 fingers can be enrolled and even a smart
card can be added to that person.
The
bioLock Log File:
The
most important part of bioLock is complete identity management. Every person
will be uniquely identified and their actions will be clearly recorded in the
bioLock log file. This file can be saved and emailed and your auditors always
know who did what and when in the SAP system. You can tell who accessed which
protected function or field or who WAS DENIED trying to access a protected
transaction. Since the protection is down to the 'object level' the object is
protected in the entire system.
Sort
the log file:
You can sort the log file by any columns or filter it to view activities
of individual people.
Define
your protections:
In
this menu you can enter the transactions that you would like to have protected. To
make the system even more secure, realtime has added smart card functionality. Now you can protect
everything you could guard before, either with biometrics,
or a smart card, or a combination of both. With this feature,
you can log any transaction and select as protection 'smart
card only'. As long as the smart card is inserted in the
reader of the keyboard, the user won't even notice a
difference and the system will perform as before. But once
you remove the smart card, any user will be rejected trying
to access protected functions. Of course you can set the
system to ask for the smart card and biometrics to
give you a dual authentication for critical tasks and more
precise identity management. For any critical transactions,
realtime suggests the smart card and biometrics for the
ultimate Two-Factor Authentication. realtime's bioLock is
compatible with all different CAC Card versions from the US Government.
Assigning
biometric users to SAP users:
We
suggest to enroll the biometric user with the same name as the SAP user. In
this case the template will be automatically assigned. You can use this table
for exceptions. In many cases the Director 'Neudenberger' would like his secretary
'Inga' to work with his SAP user profile. In this case 'Inga' can do so, but if an
unauthorized wire transfer is done from the 'Neudenberger' SAP account, 'Inga'
will be uniquely identified as the person, who did it (see log file).
In addition, realtime created a ‘dual confirmation group’, which can be assigned to any function or transaction. Now it takes one authorized person to request a wire transfer with biometrics and another, 2nd individual, to authorize that request. Of course there could be a 3rd and a 4th person defined for the case that the 2nd person is not available. The log file will clearly state which person requested and which person authorized the request.
The idea is the same like two signatures on a check. Two people will be
responsible!
Protection
can be individually assigned:
In
this menu you can customize individual transactions for different users. Generally we
would suggest to protect critical tasks globally but exceptions can be made.
Protecting
Info Types:
The
protection of Info Types in the latest bioLock is as easy as entering the Info
Type in the table below.
Easy
protection of 100's of transactions:
The
easiest way to protect multiple transactions is to upload the transactions via
excel spreadsheet to the security menu. The security menu will automatically
removed the ST-Code from the original authorization and only allow access via
the bioLock security menu, which of course is protected with biometrics for
authorized users.
Much
more is possible:
This
page should just give you a brief overview of what we can do in the SAP
system. Customer request included masking or hiding fields, checkmarks, print
or execution buttons, changing values, changing includes, protecting unique
user ID's and much more...
Please
contact us for more
information and
schedule an online technology demo
for your SAP Security / Basis Team !
info@realtimenorthamerica.com
