To make a system even more secure, realtime has recently added smart-card functionality. Now users can protect sensitive data either with biometrics, a smart card, or a combination of both. With this feature, users can log any transaction and select as protection ”smart card only”. As long as the smart card is inserted, the realtime solution is seamless and the user will not notice any difference, as the system will perform as it did before the installation of the solution. Only once the smart card is removed will the user be rejected trying to access protected functions, fields, and info types. The system can also be configured to request a smart card in combination with biometrics to provide dual authentication for critical tasks and more precise identity management. For any critical transactions, realtime suggests the use of the smart card in combination with biometrics for the ultimate Two-Factor Authentication.
In response to customer requirements in the Fortune 500 and public sector for protection of highly sensitive data and authorizing wire transfers, realtime created a ”dual confirmation group.” Now it takes one authorized person – “the master” – to request, for example, a wire transfer with biometrics and a second individual to authorize that request. Of course you can configure for a third or fourth person defined for the case when the second person is not available. The log file will clearly state which person made the request and which person authorized the request. The system can be configured to define a ”master” or any two authorized individuals can authenticate the request.
bioLock can restrict the logon (security level I), every transaction (level II), and any fields or info types (level III). Independent from the user of an SAP solution, bioLock will uniquely identify the “actual user” and log his or her activities in the standard SAP log file. With this unique identity management solution for SAP solutions, one now has proof who did what and when within the system. Persons in critical departments such as finance, HR, IT, production, management, and other selected employees handling sensitive data are equipped with bioLock to protect the company from fraud and help them to comply with mandatory regulations. bioLock will guarantee more accurate audits and will help to comply with critical regulatory mandates such as the California Act, HIPAA and Sarbanes-Oxley. Section 404 of the Sarbanes-Oxley Act requires certifying that companies have established and maintained internal controls and will assess and audit their systems’ effectiveness annually.
The SAP integration-certified bioLock 4.6x software is installed and configured in hours. Protection of transactions and the registration of bioLock users take only minutes. Actual use is intuitive and requires no training. The software is installed in its own “realtime” directory and does not change the configuration of the SAP solution-based system. The integration was certified for SAP R/3 Release 4.6C and runs on SAP R/3 4.6, SAP R/3 Enterprise Release 4.7 and mySAP ERP. Management always knows who has accessed critical information or who was denied trying to do critical tasks without permission in the SAP solution.
Thomas Neudenberger, COO of realtime North America, Inc. states: “Billions of dollars are spent to keep hackers out of company networks, applications, and systems. Finally, companies have started realizing that the major threat comes from the inside. It is often a disgruntled or clueless employee who is causing the most damages.”
Source: realtime North America