Many experts have shared their knowledge and helped here in this space with their vast experience. Be it a technical question of a question related to IDM domain.
I want to thank them all before going ahead writing this document, as I am also one of the beneficiary who gained good knowledge on SAP IDM and Identity & Access Management domain.
This document, highlights about the challenges faced by the enterprise related to identity management and how an identity management solution address the challenges. The business benefits of IDM solution are also highlighted. The content of this document may be helpful for the people who want to explain what is IDM & why IDM is required for an enterprise.
Identity Management problems faced by Enterprise
Following are the few challenges listed.
- Difficulties in managing user identities growing, across the enterprise.
- User roles and responsibilities are getting more complex.
- Manage user identities and roles across complex heterogeneous systems.
- Maintaining access permissions and authorization during employee internal movements.
- No formal process to ensure accounts & access are disabled/deleted for staff leaving the organization.
- Inadequate controls over requesting, authorizing & granting access to critical applications across enterprise.
- No centralized view to perform periodic reviews of users and users access rights.
- Unable to meet compliance requirements.
Identity & Access Management Solution
• Centralized user management for various systems in the heterogeneous
• Automatic user provisioning & de-provisioning to the connected systems.
• Password Management Capabilities.
• Role Management & Rule Management.
• Workflows to support business process.
• Role Assignments based on approval workflows.
• Compliance, auditing & reporting capabilities.
• Employee Self Service capabilities.
• Right Users have Right access to Right systems.
• Single system to manage users & access across the organization.
• Reduced Help Desk costs.
• Reduced Administration costs.
• Reduced Audit costs.
• Improved regulatory compliance.
• Improves employee productivity.
SAP NW Identity Management
- Grants and manage user access to heterogeneous applications securely and efficiently.
- Incorporates business driven Identity Management process.
- Strong connector framework for SAP Business suite & Portal environments, ABAP/JAVA Stack, third party, operation systems, file systems & databases.
- User provisioning, Role & Rule based Provisioning, workflow & approvals capabilities.
- Role Management, Rule Management..
- Password Management & Employee Self service activities.
- Identity Visualization – unified view of Virtual identity of users.
- Identity Federation & Single Sign On (with eSSO).
- Strong reporting, Auditing & Reconciliation capabilities.
SAP NW Identity Management – Heterogeneous system landscape
SAP NetWeaver Single Sign -On
• Authenticate once and subsequently access SAP and non-SAP applications in a secure and user-friendly way.
• Supports Single Sign-On for SAP & Non-SAP applications.
• Suitable for heterogeneous system landscape.
• Meet company and regulatory requirements.
• Improves security measures & protects the organization.
• Simple, Secure, flexible solution.
• Reduces IT costs incurred by password resets.
• Cloud Integration & Partner Integration.
SAP SSO without SAP IDM.
SAP SSO with SAP IDM
SAP SSO – Simple & Secure Access
SAP NW IDM – Manage IDs & permissions
For implementing SAP NW Identity management in your landscape, SAP suggests the ASAP methodology. For more information on ASAP Methodology, visit ASAP Methodology for Implementation