As access rules grow in complexity, SAP’s standard roles-based authorization model is reaching its limitations.
Enforcing governance policies aligned to global trade regulations, segregation of duties, or the segregation of access between different business units requires an attribute-based layer of access controls beyond standard role-based controls.
SAP Challenges
■ Static, roles-based access controls (in a dynamic environment) create user friction and require excessive customizations to accommodate slight differences in privileges
■ Custom development is typically required to add access control restrictions based on attributes such as: IP address, location, nationality, business unit & project affiliation
■ Segregation of Duties (SoD) policies relying on coarse-grained rules that can create unwanted business risk
■ Roles-based access controls (alone) fail to provide the optimum level of security for high-risk data
Implement Attribute-Based Access Controls with xSAP Business Solutions Security Platform to mitigates security concerns by restricting unauthorized data access
