su53 helps SAP customers with managed security service
su53 believes it has found a gap in the market where companies need specialist skills for SAP governance, risk management and compliance.
su53 Solutions has launched a new managed security service to help firms keep a closer eye on SAP governance, risk management and compliance (GRC).
The operating and support service for SAP environments is the first ever fully integrated service of its kind for SAP systems, according to su53, and is aimed at firms looking to avoid any problems when an audit comes around.
All different versions of the package offer monthly reporting on activities and a quarterly assessment of what improvements could be made.
Other services include regular or ad-hoc compliance assessments and GRC reviews, consulting services, security advisories and technical support.
Clients can also take advantage of the SAP Security Outsourcing option, so they do not have to worry about managing this area, although su53 said it would only "probably" cost less than controlling this area in-house.
"Most of the big players don't specialise in this area. They have some general skills, whereas we have very deep skills," Martyn Proctor, managing director at su53, told IT PRO.
"I think the risk that is most common at the moment and the one that the auditors will tend to pick up on is to do with segregation of duties. This is where people have privileges and access to a system to do things which could be in conflict."
In this case su53, which is itself an SAP partner, helps identify where such conflicts exist, Proctor added.
The various packages are delivered from Northern Ireland, a country offering some of the lowest operating costs in Europe, su53 said.
The location also provides companies with the confidence that personal data accessed by the managed security service is kept within the regulatory environment of the region.
"We chose to use Northern Ireland as there is a sense amongst a lot of customers that they'd like to have security and risk management looked after fairly close to home," Proctor said.
A case in point
One company that has already taken advantage of the managed security service is Anglian Water.
The company had found they had around 2.7 million conflicts arising in their segregation of duties, explained Anglian security risk manager Sandra San Vicente.
The in-house team wanted to work on lowering the number of conflicts, but realised they could not do it alone so brought in SU53.
"At Anglian we chose to in-source our SAP security authorisations function from our main IT provider, and configure and manage our own GRC tools. SU53 has been a key partner in enabling us to implement this strategy," Vincente said.
2021 Thales access management index: Global edition
The challenges of trusted access in a cloud-first worldFree download
Transforming higher education for the digital era
The future is yoursFree download
Building a cloud-native, hybrid-multi cloud infrastructure
Get ready for hybrid-multi cloud databases, AI, and machine learning workloadsFree download
The next biggest shopping destination is the cloud
Know why retail businesses must move to the cloudFree Download