Does anyone have any experience leveraging access via IAM to ERP tools and the permissions can be so granular that there would be an extreme amount of options in an IAM tool?
Sort By:
Oldest
CIO in Educationa year ago
It’s crucial to establish a role-based access control (RBAC) model, assign permissions based on job responsibilities, and regularly review access to ensure appropriate privileges. Robust user provisioning and deprovisioning processes, segregation of duties, monitoring, and auditing mechanisms are essential. Educating users about data security and fostering a security-conscious culture is also important. Although challenging, effective IAM implementation in ERP systems ensures secure access while maintaining data integrity and compliance.CEOa year ago
There are newer identity governance applications that are addressing these challenges effectively - notably Clarity Security. There are likely others that can help find SOD conflicts, orphaned accounts, weak authentication challenges, etc. Senior Director, Information Technology in Softwarea year ago
An IAM tool is an extension of the ERP tool's roles/permissions capability. The ERP tool is where you define and assign granular permissions to specific roles and job responsibilities. Keep in mind the amount of effort to maintain these granular permissions (and their assignments) if your organization has regular permissions change requests.Chief Information Security Officer in Healthcare and Biotecha year ago
It depends on the IAM and ERP if both the tool support open API or have rest API then it can be achieved easily Director, Information Technology & Finance Business Partner5 months ago
We use an IAM tool that provisions roles in a few hundred applications including the main ERP system. It detects SODs between systems or within other systems (outside of ERP). We only include the ERP (SAP) Security roles in the IAM tool and not the permissions. IAM feeds the request into SAP GRC to workflow. The ERP role permissions are tracked and validated for SODs between roles in the SAP GRC system.