Simplify privilege design and management in SAP HANA


Create Business View To Build And Manage Privileges

Saviynt + SAP HANA

SAP HANA security model is unlike traditional SAP. Given that enterprise (read non-SAP) applications and end users will have direct access to critical data in SAP HANA, it is paramount to design and administer its security model adequately. However, those familiar with SAP security model will face an uphill task in correctly designing SAP HANA’s unique privilege model.

Saviynt’s ACCESS PROTECTTM for SAP HANA simplifies privilege design and management by enabling users to define simple business and technical rules. The system then automatically converts those rules in to different types of privileges (including dynamic APs, System, SQL, etc.) and SAP HANA roles to secure the views, tables, schemas, etc.

Saviynt puts the power back in business’ hands to define, control and manage access to their sensitive data. It greatly reduces administrative overhead, especially when privileges need to be re-designed during expansive organization changes or extensive application re-design.

Automate Security Transport for SAP HANA

Saviynt streamlines progression of roles and privileges across multiple SAP HANA instances. Saviynt’s specialized connector not only provisions user accounts or assigns them roles but also creates, updates or retires those roles and privileges in SAP HANA. Organizations can easily incorporate their release and change management processes for security across multiple SAP HANA environments through a single pane and apply relevant security policies.

Automate Security Transport for SAP HANA

Firefighter and Emergency Access Management

Saviynt provides industry’s leading firefighter management capabilities with ability to request and provision elevated access to S/4HANA during business emergencies. A key distinguishing feature is that complete trace-ability of firefighter access is retained since emergency access is temporarily granted to user’s existing account only. After the completion of user’s critical actions / firefighter access, Saviynt automatically initiates a complete review of user’s audit / usage trail to ensure only authorized activities were performed. Saviynt further automates the life-cycle management of firefighter access with continuous review and certification of firefighter role and its contents by business role owners.

Continuous Compliance Management Made Simple

With over 200 ITGC and security controls to choose from and ability to add new ones, Saviynt allows security administrators to customize, manage and monitor controls framework for S/4HANA and Fiori applications. The system comes with a drill-down dashboard to monitor and analyze trends and history of control violations and automatically generates alerts for control owners. Saviynt’s controls workbench allows control admins to analyze / revoke conflicts, apply mitigating controls, investigate open ones and accept residual risk as appropriate.

Saviynt SAP HANA Solution Capabilities

Business Layer:

Business Layer that translates a very complex HANA data and security model into business view for the security and business teams. This is important since out of box HANA security requires a deep understanding of database object models and does not cater to the security team, business teams and data stewards

Automated User Management:

Saviynt enables preventative business and compliance checks during user creation and management processes

Real Time Audit:

Saviynt notifies security and business teams in real time when an access has been modified that violates an existing business or compliance rule

Automated Role / Privilege Design and Management:

Automated Role / Privilege Design and Management Based on the business rules defined, Saviynt creates and manages an optimized Role and Privilege model and provisions it to HANA

Reports and Dashboard:

Saviynt provides real time and historical security health and compliance reports