printer friendly version

Logical SAP access via biometrics

Linx/AS Africa recently held a conference in Johannesburg to highlight the company’s success in controlling logical access to SAP systems via biometrics. Randburg-based Linx/AS is a solutions integrator for bioLock software, from realtime North America Inc.

bioLock is a software solution that secures access and functions (to SAP in this case) with biometric authentication. The system does more than simply control access, it can be configured to protect fields and functions in the SAP system, only allowing certain people to access certain functions – for example, balance sheets or personnel data, as well as financial transaction authorisations.

Hosted by Werner Simpson, director of Linx/AS Africa, the conference started with a brief overview of Linx/AS and its role in the market over the years before Thomas Neudenberger, COO at realtime North America took the stage and provided the attendees with insights into bioLock and its use in securing logical access. When looking at new legislation like the EU GDPR and the local PoPI, ensuring you know who is accessing your systems is more important than ever. As Neudenberger noted, “Data does not leak itself”.

Neudenberger highlighted the well-known fact that securing access to sensitive data and applications through passwords is a high-risk approach that is generally easily overcome by those determined to cause mischief or commit fraud. Using biometrics to control access means that only the authorised people can access systems and data, and you know that when a biometric (such as a fingerprint) is read, the person has to be there.

Biometric authentication confirms “who you are”, instead of just what a user knows (a password or PIN), or “what you have”, such as with a token or access card. Linx/AS and realtime have a long history of offering logical access via biometrics with bioLock, including to the local market, which was demonstrated by the next presentation by Johan du Plessis, CIO of Consol Glass.

Consol has been using the bioLock software suite since 2011, installed and supported by Linx/AS across its business lines and locations to provide for secure access and transactions in its SAP ERP system. Consol was led to bioLock because it realised it needed a more secure way to deal with a number of issues, including:

• The need to mitigate risk associated with vendor payment approvals,

• To provide for mandatory dual approval built into the payment process,

• To enforce biometric authentication of high-risk activities,

• To prevent non-biometric users from accessing high-risk areas,

• It also required tamper-proof logging of all restricted activities, including failed or unauthorised attempts, and

• To enforce segregation of duties.

Du Plessis noted: “After careful evaluation of various options to safeguard critical business processes, we decided to proceed with the deployment of the bioLock suite. It has moved Consol to a level of SAP transaction process security way beyond that offered by traditional username and password methods. With a robust audit trail we can now provide and prove full compliance to generally accepted good governance practices, compliance and policies.”

Another local success story is from Transnet, where Linx/AS again used bioLock software to secure access to its SAP system. In this instance, the biometric technology used was Fujitsu’s PalmSecure. A touchless solution, PalmSecure identifies users by the unique pattern of blood vessels in their palm when the user holds their palm over a reader. These readers can be stand-alone readers or even built into laptops.

At Transnet, shop floor kiosks are installed in factories and depots, delivering SAP EAM functions through a simple ATM-like graphical user interface to enable and empower shopfloor operations and maintenance personnel to quickly respond to events that require maintenance support. The Fujitsu palm vein sensor is embedded in the kiosk. Workers can log into the system quickly and are immediately granted access to the features and functionality they are authorised to use.

Linx/AS was named as one of the top three most innovative channel partners at Fujitsu’s annual Select Partner Awards in 2017 due to the Transnet project.

For more information, contact Werner Simpson, Linx/AS Africa, +27 (0)11 888 0486, werner@linxas.co.za, http://www.checkidinsap.co.za

Share this article:

Further reading: