While security has always been a key concern for organisations, the growth in governance, risk and compliance (GRC) legislation means that it is more important today than ever before. For this reason, companies are seeking more secure ways in which to allow employees access to critical corporate applications.
“This has led to a growing demand for multifactor authentication,” says Nick Perkins, divisional director for identity management at Bytes Systems Integration.
“In other words, companies want to move beyond the standard username and password manner of authentication, and are increasingly looking to biometrics to solve this issue. We have taken cognisance of these needs, which is why Bytes, in partnership with Realtime, can offer enterprises Biolock, which is the only biometric identity and access management software certified by SAP,” says Perkins.
“SAP is one of the most business-critical systems in an organisation, and interactions performed within it can have far-reaching consequences for an enterprise. By implementing Biolock, management is able to know, indisputably, who is logging in. And since they can set unlimited re-authentication checkpoints, management is able to control what areas can be accessed and exactly what can be done by whom inside the SAP system.”
For example, adds Perkins, on the finance side, management may choose to set limits on purchase orders and transactions, while individual executives can have their visibility of data within the system limited according to their individual roles.
“Moreover, with Biolock, nobody can copy another’s identity, since it is based in fingerprints, while former employees, consultants or hackers are easily blocked. The software has also been developed with ease of use in mind, which is why it can integrate with over 80 models of fingerprint scanning devices.”
Perkins points out that Biolock has been specifically developed to deliver a complete access and authentication solution to organisations that utilise SAP, which is why it is easy to implement and integrates seamlessly into the SAP system.
“Effective security is about knowing who is doing what within your organisation. It is equally about setting limitations and ensuring that there is an effective audit trail that can verify, in a tamper-proof manner, who has authorised or performed specific tasks. In this way, compliance requirements are easily met. At the end of the day, Biolock serves as the gateway into the SAP system, ensuring access to information and transactions is securely governed,” he says.
In fact, the benefits of Biolock are many and varied. Not only can it be used to create true accountability for individual users’ actions, it can be utilised to enforce any segregation of duties, or checks and balances deemed necessary by the organisation’s business management or regulatory requirements. It also generates a robust audit trail of user activities, including failed access attempts, and provides employers with legal ammunition to pursue rogue employees.
“Biolock software complements, reinforces and sits on top of existing SAP security and GRC, ensuring that security is no longer a recommended set of protocols, but a strictly enforced procedure, says Perkins. “Moreover, employees can be enrolled into the system within a few minutes and it is flexible enough to be used across industry verticals for the mitigation of financial fraud and inventory loss, for time and attendance control, point of sale security, access to information, pure logging and physical access.”
There is an additional benefit to a security offering like Biolock, he adds: since it is fingerprint-based, employees cannot accidentally forget their password. In an organisation with thousands of staff, suggests Perkins, employees regularly forgetting – and thus requiring IT to reset – their passwords can be a very costly exercise.
“Biolock therefore offers the two things every enterprise is constantly striving to achieve, namely, it improves productivity while at the same time reducing costs. Moreover, it ultimately tightens up the SAP ship, by delivering a security and authentication solution that is just as modern and effective as SAP itself,” concludes Perkins.