Government regulations and an increasing number of security breaches are forcing companies to know who has access...
to what information, monitor changes in access control, report the results and provide a historical record.
With that in mind, Sun Microsystems announced it is teaming with SAP to deliver an integrated software package that will help businesses maintain automated "continuous compliance" with both external government regulations and internal corporate security policies.
The package combines the Sun Java System Identity Management Suite with SAP's Virsa Access Enforcer. The combination gives businesses a simple, effective way to control which employees have access to specific information stored across a company's entire IT infrastructure, regardless of what type or how many systems are deployed. The package also allows businesses to identify and prevent real and potential security breaches, as well as create audits to demonstrate compliance -- all completely automated and all in real-time.
With SAP's recent announcement that it will acquire Virsa, the integrated package will be part of SAP's Governance, Risk & Compliance (GRC) framework that provides companies with effective governance, comprehensive risk reduction and demonstrable compliance, all at reduced costs.
About the integrated package
Sun's Java System Identity Management Suite allows companies to create a user's virtual identity, tying the user to appropriate accounts across the enterprise. Reports are generated automatically and sent to approved reviewers, providing a clear record for auditing purposes. In addition, any violations of policy are detected, flagged and remediated.
The integrated solution from Sun and SAP GRC gives companies the ability to enforce security policies, enable conformance to global standards and ensure compliance with legislative requirements across business applications. Benefits include the following:
- Automatic identity management provisioning and de-provisioning across applications
- Centralized visibility and control over access to critical systems and information
- Automatic detection, notification, and remediation of compliance violations
- Real-time insight into who has access to what resources and data at any given time
- Automatic detection of -- and response to -- potential risks, such as dormant accounts
- Enterprisewide identity auditing and reporting
- Preventive checks on access requests within SAP and other business applications
- Role- and rule-based approaches to support repeatable, auditable, enforceable security processes
Availability, pricing and additional information
The joint Sun-SAP GRC package is available immediately to customers through Sun sales offices. Sun also offers implementation, licensing and support packages, as well as a full portfolio of training courses on Identity Management. Pricing is based on the number of users. For more information, visit http://www.sun.com/identity/virsasolution.
Dig Deeper on Building security into the SDLC (Software development life cycle)