Please share with the community what you think needs improvement with SAP Customer Identity and Access Management.
What are its weaknesses? What would you like to see changed in a future version?
The automated provisioning only works well with the SAP products and there are some problems with the non-SAP products. Even if it is SAP, if it is a non-ABAP system, it is a little bit problematic. We find it hard to translate things into the SAP world. SAP has introduced IAG, Identity Access Governance. That piece does the risk analysis, as far as I know, however, the IAM doesn't do that. The risk analysis is doing the checks of whether you have access to set up things which have conflicts, like creating an employee and paying the employee. That kind of access. The IAM is basically not doing the same kind of checks as the IAG. I have heard that IAG can do risk analysis, however, what we have done at one client is we have the IAG management solution from SAP, and then it was tied to a solution of SAP called GRC, GRC Access Control, and then we were running the risk analysis from there. There are multiple levels of interfaces involved, it's not a one-stop solution. It is overly complex. You have to interface IDM with SAP and GRC, and then GRC will check into the actual plugin system. Due to the fact that it is multiple levels of interface that you need to deal with, sometimes, if something fails, it's very hard to troubleshoot. You do need to be knowledgeable about the solution. It's not a good product for beginners, especially in terms of deployment.
What do you like most about SAP Customer Identity and Access Management?
Thanks for sharing your thoughts with the community!
Insider data breaches can be a real problem in businesses. One way to address this issue is by implementing an identity and access management solution.
What tips do you have for ensuring that one's identity and access management solution is effective?