All Research
Leadership Compass
I like this
I don't like this

Access Control Tools for SAP Environments

Martin Kuppinger
This report provides an overview of the market for Access Control Tools for business application environments that are centered around SAP solutions, including traditional SAP ECC environments. The main focus is on these environments, including SAP S/4HANA, SAP S/4HANA Cloud and other SAP cloud applications, with a limited focus on support for other Line of Business (LoB) applications. We examine the market segment, vendors, product functionality, relative market share, and innovative approaches to providing solutions that increase security in these business application environments primarily for SAP, by restricting access, controlling break-glass access, and related capabilities.

1 Introduction / Executive Summary

For many enterprises, SAP systems are an essential part of their corporate IT infrastructure. Critical business information is stored within ERP systems, and the favored source for employee data is the SAP HR system. Business processes are implemented through portal solutions relying on SAP infrastructure. Data is held in SAP HANA; the migration to S/4HANA is ongoing, and highly individualized functionality is coded right into the existing standard SAP modules by using ABAP or Java.

Although there are many other systems in place which also contain critical information, many businesses still rely on the availability of well-designed and well-protected SAP Systems. Traditionally, SAP systems are a major focus area for internal and external auditors. For the successful implementation of adequate controls, it is essential that all existing SAP systems are covered by an effective solution for managing risks, and within that for managing access control and SoD controls and implementing adequate Access Governance.

SAP solutions remain at the core of the LoB infrastructure of many organizations. Managing access entitlements including roles, but also SoD (Segregation of Duties) rules, firefighter access, and other aspects around identity, access, and security is essential for protecting these business-critical applications.

Many critical business systems are following the trend of shifting to the cloud, using either solutions provided by SAP such as SuccessFactors or Ariba, or to other vendors’ solutions, SAP systems remain at the core of the LoB (Line of Business) application infrastructure of many organizations. While the scope for managing access controls is expanding beyond the traditional ABAP systems and even beyond SAP, these systems are of high criticality for many organizations.

This Leadership Compass focuses on the support for the SAP environment, while a separate document takes a broader perspective across a heterogeneous LoB landscape.

1.1 Highlights

  • While the customer requirements for access control solutions for their business applications are expanding in the context of the journey towards SaaS services, many organizations still build their LoB infrastructure primarily on traditional and modern SAP solutions, operated both on premises and in the cloud
  • Customers that continue to focus on their traditional SAP environments, with the SAP department being the buyer, commonly look for deep integration into these environments and familiar user interfaces
  • In this market segment, we find several vendors with a high degree of specialization in SAP environments, frequently delivering both software and services
  • Aside from some large players such as SAP itself and Pathlock, several smaller vendors primarily serve their local markets
  • Some of the vendors from the IAG (Identity and Access Governance) space also provide deep support for SAP environments, but in most cases with lesser coverage for extended capabilities such as roll-out support and other features that are provided by the SAP-focused vendors
  • With the acquisition of various vendors by Pathlock (formerly Greenlight GRC), a large competitor to SAP has emerged in the market
  • Overall Leaders are (in alphabetical order) Pathlock, SailPoint, SAP, and Saviynt
  • Product Leaders are (in alphabetical order) Pathlock, SailPoint, SAP, Saviynt, and Xiting
  • Innovation Leaders are (in alphabetical order) Pathlock, SailPoint, SAP, Saviynt, and Soterion
  • Market Leaders are (in alphabetical order) Pathlock, SailPoint, SAP, and Saviynt
Full article is available for registered users with free trial access or paid subscription.
Log in
Register and read on!
Create an account and buy Professional package, to access this and 600+ other in-depth and up-to-date insights
Register your account to start 30 days of free trial access
Register
Get premium access
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use