su53 Solutions has launched a new managed security service to help firms keep a closer eye on SAP governance, risk management and compliance (GRC).
The operating and support service for SAP environments is the first ever fully integrated service of its kind for SAP systems, according to su53, and is aimed at firms looking to avoid any problems when an audit comes around.
All different versions of the package offer monthly reporting on activities and a quarterly assessment of what improvements could be made.
Other services include regular or ad-hoc compliance assessments and GRC reviews, consulting services, security advisories and technical support.
Clients can also take advantage of the SAP Security Outsourcing option, so they do not have to worry about managing this area, although su53 said it would only "probably" cost less than controlling this area in-house.
"Most of the big players don't specialise in this area. They have some general skills, whereas we have very deep skills," Martyn Proctor, managing director at su53, told IT PRO.
"I think the risk that is most common at the moment and the one that the auditors will tend to pick up on is to do with segregation of duties. This is where people have privileges and access to a system to do things which could be in conflict."
In this case su53, which is itself an SAP partner, helps identify where such conflicts exist, Proctor added.
The various packages are delivered from Northern Ireland, a country offering some of the lowest operating costs in Europe, su53 said.
The location also provides companies with the confidence that personal data accessed by the managed security service is kept within the regulatory environment of the region.
"We chose to use Northern Ireland as there is a sense amongst a lot of customers that they'd like to have security and risk management looked after fairly close to home," Proctor said.
A case in point
One company that has already taken advantage of the managed security service is Anglian Water.
The company had found they had around 2.7 million conflicts arising in their segregation of duties, explained Anglian security risk manager Sandra San Vicente.
The in-house team wanted to work on lowering the number of conflicts, but realised they could not do it alone so brought in SU53.
"At Anglian we chose to in-source our SAP security authorisations function from our main IT provider, and configure and manage our own GRC tools. SU53 has been a key partner in enabling us to implement this strategy," Vincente said.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
The big book of selling data protectionWhitepaper Agile risk management starts with a common language
-
Detection is not enough: Exposed assets require rapid mitigation to reduce and eliminate riskWhitepaper Agile risk management starts with a common language
-
Data sovereignty a growing priority for UK enterprisesNews Many firms view data sovereignty as simply a compliance issue
-
Elevating compliance standards for MSPs in 2025Industry Insights The security landscape is set to change significantly in the years to come with new regulations coming into effect next year, here's how the channel needs to adapt
-
Modern enterprise cybersecuritywhitepaper Cultivating resilience with reduced detection and response times
-
IDC InfoBrief: How CIOs can achieve the promised benefits of sustainabilitywhitepaper CIOs are facing two conflicting strategic imperatives
-
How ready is your company for NIS2?Supported Content The EU’s latest cybersecurity legislation raises the stakes for enterprises and IT leaders - and ensuring compliance can be a daunting task
-
Security operations use case guideWhitepaper Improve your cyber resilience and vulnerability management while speeding up response times
