With the SAPPHIRE NOW and ASUG annual conference underway – and the theme of “Building an Intelligent Enterprise in the Experience Economy” – I have been thinking a lot about the intelligent enterprise.
One thing intelligent enterprises know how to do is make good decisions. But being decisive is not enough –decisions must be right. Going with the gut doesn’t cut it anymore. Good decisions need data. Decisions about what to sell, how to sell it, and how much to sell it for need market data. Decisions about how to make something and what tools to use to make it need operational data. And, decisions about how to manage SAP access, how to design a new role or change an existing role, and whether someone should retain their access, all require data. User activity data is especially useful when making decisions about SAP compliance and security.
User activity data enables businesses to make better decisions, faster, with regard to their SAP applications while simultaneously avoiding:
• unacceptable risk
• higher costs
• confused managers
• angry (and waiting) end users
Unfortunately, even when user activity data is available, it can be challenging to interpret and use effectively. Two management gurus, Megan MacGarvie and Kristina McElherann, in their book HBR Guide to Data Analytics Basics for Managers, explain that where there is an abundance of data but insuffient time or resources for extensive analysis, people rely on simplified procedures to help them make decisions. These shortcuts often lead to poor decisions and systematic mistakes.
It doesn’t have to be this way for SAP user management. Security Weaver’s Transaction Archive offers a solution to the challenges of gathering, analyzing, and archiving user activity data.
First, it captures detailed user activity transaction histories and then allows managers and auditors to see, over years, detailed records for each user based on the transactions exercised in a given time period. Data can also be presented based on user group membership and other criteria. This provides an unprecedent level of data for detailed forensic reviews. Which means better decisions by security and compliance managers.
Second, Transaction Archive uses detailed user activity history to analyze the existing role environment. Transaction Archive determines which users are assigned a given role and what percentage of the role’s transaction have been executed by a single user, a group of users, or across the entire user population. Through advanced role analytics, administrators can understand role utilization based on the historical data. Using this data, administrators can confidently redesign or alter roles knowing that SAP end-users will not have their work impacted. In other words, with Transaction Archive administrators can make decisions about how to improve security and compliance without users feeling their freedom and productivity are, once again, being sacrificed in the name of security and compliance.
In short, better data = better decisions. And better decisions are at the heart of transforming an average company into an intelligent enterprise.
For more information on how Transaction Archive can help you make better security decisions for your organization, visit http://www.securityweaver.com/solutions/role-lifecycle-management/transaction-archive.