Access Informer brings significant added value to a number of key activities
PROVIDE GREATER ASSURANCE
That the access to sensitive information and activities is adequately restricted
That the access of employees that left the organization is timely removed across applications
That employees transferring to new positions within the company do not retain sensitive permissions
That segregation of duty conflicts are monitored within and across key applications
That user authorizations are timely modified to reflect and support organizational changes
ACCELERATE AD-HOC INVESTIGATIONS
Centrally investigate missing or excessive permissions without having to logon to the various target systems
Drill down and identify the root cause for excessive sensitive access and SOD conflicts and prioritize remediation
Simulate the compliance impact of modifying and removing specific SAP permissions
Leverage SAP User Transaction usage in analysis and reports to identify potential misuse of the access
REDUCE THE RISK OF FRAUD AND DATA LEAKAGE
Timely identify and remove excessive and unrequired access
Simplify the review of sensitive and conflicting access when employees change position within the organization
Identify and remove orphan application accounts, which are no longer linked to an active Active Directory account
Archive and restore snapshots of authorizations to support eDiscovery, audits and investigations
Assess and improve compliance with SOX and GDPR
Demonstrate compliance to auditors with minimum effort
Perform quality reviews of compliance rules
Support re-certification of user authorizations
REDUCE OPERATIONAL COSTS
Identify opportunities to remove, merge and simplify authorization to lower maintenance cost
Assess the impact of removing authorizations and reduce the amount of testing required
Generate scripts to automate remediation activities
Review and optimize user licensing
SUPPORT CRITICAL PROJECTS
Provide detailed analytics on user authorizations to support key company projects and initiatives
Timely adjust authorizations with organizational changes, such as mergers, acquisitions, divestitures and outsourcing
Evaluate the risk of sensitive access and SOD conflicts throughout an implementation and prior to a cutover or go-live
How is the pricing for the subscription determined?
- the number of user accounts being monitored
- the number of systems being extracted
- and the number of analysts using the Access Informer desktop application
Which type of companies is using Access Informer?
Who is the typical user of the solution within the company?
Can we conduct a trial of the solution in our environment?
Is the solution available on-premise?
Why is the solution not available as SaaS?
Does the extraction process requires any agents or code on the target systems?
How is the Access Informer Desktop deployed?
Installing and running the Access Informer desktop application onsly requires standard user rights on your workstation (i.e. no local administrator rights required).
Can the solution be deployed in Zero Trust environments?
Yes, the Access Informer solution can be deployed, and is currently used, in Zero Trust Environments.
The frontend can be accessed via a Citrix/VM environment.
Minimal network confirguration is required to enable the communication between the frontend and the SQL backend of the solution and between the backend and the target systems from which user authorization information is extracted.
Is the solution compatible with SAP S/4HANA?
Yes, the Access Informer solution can be used with most SAP releases from 4.6C to the latest S/4HANA version, with the exception of the Public Cloud edition of SAP S/4HANA.
The Public Cloud edition of SAP S/4HANA is currently restricted by SAP to only access the application through FIORI apps and does not provide any connectivity options such as RFC, SAP GUI or ODBC for integrations with in-house or third party applications.
Founder / Director
15+ years of experience in IT Consulting, Audit and Security roles in large companies including Sun Microsystems, KPMG, Altria/Philip Morris and Kraft Foods
Combines Business Degree from ESCP Europe with IT Security expertise
Achieved key IT Security and Project Management certifications, including CISSP, CISA, CISM, CGEIT, CRISC, ABCP, and PMP
Business Development Manager
Business Development and Innovation activities with 10+ years experience as Area Sales Manager in Multinational Listed Companies. 5 years as Project Manager.
B2B experience in technological sectors: Electrical equipment, sensors industry, rail, energy, automotive, process automation and power electronic sectors
Business Development Advisor
Fellow of Order of Chartered Professional Accountants of Quebec (Canada)
Chartered Financial Analyst (CFA)
Finance, risk management and audit/internal controls professional with fraud investigation experience and an international track record in Big Four / Fortune 100 and private-sector & non-profit board experience
Seasoned professional in the areas of management consulting and corporate finance
Extensive experience in management positions and leading strategic, international projects for renowned companies in the Financial Service, Consultancy and FMCG industries
Master in Economics and a master in advanced European Studies
OWASP Geneva: Chapter leader
Web application threats and countermeasures
Secure development lifecycle
Penetration testing and vulnerability assessment
Software threat modelling and risk analysis