Hi All,

Many experts have shared their knowledge and helped here in this space with their vast experience. Be it a technical question of a question related to IDM domain.

I want to thank them all before going ahead writing this document, as I am also one of the beneficiary who gained good knowledge on SAP IDM and Identity & Access Management domain.


This document, highlights about the challenges faced  by the enterprise related to identity management and how an identity management solution address the challenges. The business benefits of IDM solution are also highlighted. The content of this document may be helpful for the people who want to explain what is IDM & why IDM is required for an enterprise.

Identity Management problems faced by Enterprise


Following are the few challenges listed.


  • Difficulties in managing user identities growing, across the enterprise.
  • User roles and responsibilities are getting more complex.
  • Manage user identities and roles across complex heterogeneous systems.
  • Maintaining access permissions and authorization during employee internal movements.
  • No formal process to ensure accounts & access are disabled/deleted for staff leaving the organization.
  • Inadequate controls over requesting, authorizing & granting access to critical applications across enterprise.
  • No centralized view to perform periodic reviews of users and users access rights.
  • Unable to meet compliance requirements.


Identity & Access Management Solution

Untitled.png


Functions


Centralized user management for various systems in the heterogeneous

  system landscape.

Automatic user provisioning & de-provisioning to the connected systems.

Password Management Capabilities.

Role Management & Rule Management.

Workflows to support business process.

Role Assignments based on approval workflows.

Compliance, auditing & reporting capabilities.

Employee Self Service capabilities.


Business benefits


Right Users have Right access to Right systems.

Single system to manage users & access across the organization.

Reduced Help Desk costs.

Reduced Administration costs.

Reduced Audit costs.

Improved regulatory compliance.

Improves employee productivity.


SAP NW Identity Management


  • Grants and manage user access to heterogeneous applications securely and efficiently.
  • Incorporates business driven Identity Management process.
  • Strong connector framework for SAP Business suite & Portal environments, ABAP/JAVA Stack, third party, operation systems, file systems & databases.
  • User provisioning,  Role & Rule based Provisioning, workflow & approvals capabilities.
  • Role Management, Rule Management..
  • Password Management & Employee Self service activities.
  • Identity Visualization – unified view of Virtual identity of users.
  • Identity Federation & Single Sign On (with eSSO).
  • Strong reporting, Auditing & Reconciliation capabilities.

SAP NW Identity Management – Heterogeneous system landscape

Untitled1.png

SAP NetWeaver Single Sign -On

Authenticate once and subsequently access SAP and non-SAP applications in a  secure and user-friendly way.

Supports Single Sign-On for SAP & Non-SAP applications.

Suitable for heterogeneous system landscape.

Meet company and regulatory requirements.

Improves security measures &  protects the organization.

Simple, Secure, flexible solution.

Reduces IT costs incurred by password resets.

Cloud Integration & Partner Integration.


SAP SSO without SAP IDM.


1Untitled.png


SAP SSO with SAP IDM


2Untitled.png 

SAP SSO – Simple & Secure Access


SAP NW IDM – Manage IDs & permissions



For  implementing SAP NW Identity management in your landscape, SAP suggests the ASAP methodology. For more information on ASAP Methodology, visit ASAP Methodology for Implementation


~ Krishna



To report this post you need to login first.

4 Comments

You must be Logged on to comment or reply to a post.

    1. Team MS

      Dear Krishna,

      Thanks for sharing valuable content on IDM. Can you share please PAM MATRIX of IDM Version supports with SAP and  Non SAP Products (Siebel), Heterogeneous (like Windows ADS, Exchange, Lotus, UNIX OS flavours, Database) with versions.

      Integration Part with various components. Pro’s and con’s of IDM.

      Thanks,

      Shankar Reddy Dalli

      (0) 
      1. Krishna Kumar Duddu Post author

        Hi Shankar,

        Thanks for your comment 🙂 !!

        Yes, IDM has strong connector framwork for Non-SAP systems. SAP IDM has capabilities of user provisioning to heterogeneous systems as ADS, Exchange, Lotus notes, SQL/Oracle databases irrespective of versions.

        For more information, please refer to the following links.

        SAP NetWeaver Identity Management Product Overview

        SAP NetWeaver Identity Management FAQ

        SAP Identity Management – Connector Overview

        http://www.youtube.com/watch?v=erckR3R0tdo#t=1

        All the best !!

        ~ Krishna.

        (0) 

Leave a Reply