Part 2: SAP authorization model for Export Compliance All global companies need to comply with one or more export compliance regulations when authorizing access to data. In Part 2, we will provide an in depth example of the authorization framework using export compliance as a showcase. http://www.nextlabs.com/html/?q=web-request-webinar-information-risk-management

1. Advanced Authorization for SAP Global Deployments Part 3: SAP authorization model for secure Partner Collaboration Sandeep Chopra, Sr. Product Manager, NextLabs, Inc.

2. Agenda Objective Understand partner collaboration lifecycle for global SAP deployment Apply the Authorization Framework Identify authorization tools used in the solution Presentation Quick Recap of Part I and II The Partner Collaboration Lifecycle Partner Collaboration requirements for global SAP deployment Enterprise authorization considerations Question and Answers

3. Review of Part I Understanding Global Deployment Authorization Requirements and Challenges Introduction to the Authorization Toolbox Authorization Framework – Clear Separation of Authorization Dimensions Authorization Decision Map

4. Review of Part 2 Introduce Authorization Model Assessment Understand the requirements of Export Compliance in a global deployment Group business authorization into functional, data, and governance dimensions Example Authorization Decision Map for Export Compliance

5. The Authorization Framework Revisited 5. Choose the right tools for each layer 4. Develop Data Authorization Decision Map 3. Authorization Model Assessment for Data Entitlements 2. Develop Functional Authorization Map 1. Separate Functional, Data and Governance Requirements

6. The Partner Collaboration Lifecycle Marketing Engineering Manu- facturing Logistics Sales Service

7. Partner Collaboration Authorizations Intellectual Property (IP) Licenses NDA, PIA, PIEA Patent Licenses Trade Secrets Third Party IP Licenses Contractual Obligations Classified, Top Secret, Need to Know

8. Securing Collaboration Multiple systems are involved throughout the IP Lifecycle Need to apply Authorization Framework to each system Need to develop a long term authorization strategy

9. ACME: A Global A&D Company Global Aerospace & Defense Company Headquartered in US Operations in 6 countries: US, UK, Germany, India, China, Australia Joint Ventures in Australia and UK 60,000 employees, 5000 suppliers worldwide Single Instance of SAP, Centralized IT management in US Substantial number of materials are dual use or under ITAR jurisdiction Global operations IT management in US, operations in India Design centers in US, UK, Germany, and Australia Manufacturing in US, UK, Australia, China

10. Business Authorization Dimensions Functional Access Determine the actions a user can perform Data Access Determine the data a user can see Governance Rules for access management Data Access Functional Access Governance

12. Define Transaction or Function Groups

14. Acme’s Authorization Decision Map for SAP SAP

15. Do not Forget Authorization Governance Classification Processes IP Classification (type, owner, license) Business classification (Program, project, product, customer) IP Publication Process for publishing IP to external facing applications External User Company and Project assignments Managing the creation of accounts for external users with accurate information for company and project assignment IP License Management Managing IP licenses established by legal Marking, Audit and Record Keeping

16. Acme’s Enterprise Authorization Decision Map SAP File Server PLM CAD System Sharepoint Custom App

18. Policy consistency?

19. Higher TCOIT

21. Policy consistency

22. Lower TCOIT

23. Leverage Common Authorization Model SAP File Server PLM CAD System Sharepoint Custom App

24. An Authorization Strategy for ACME Near Term: Use the Best authorization model for each Application to meet the control objective LongTerm: Develop strategy to externalize authorization leveraging common authorization model

25. Mapping Requirements to Authorization Understand the requirements of Secure Collaboration in a global deployment Group business authorization into functional, data, and governance dimensions Authorization Decision Map for Secure Collaboration for each application Enterprise Authorization considerations

26. Co-organized by NextLabs and SAP NextLabs Overview Policy-driven, information risk management software for Global 5000 enterprises. Help companies achieve safer and more secure internal and external collaboration Ensure proper access to applications and data Facts Locations HQ: San Mateo, CA New York, NY Hangzhou, PRC Malaysia 25+ Patent Portfolio Major go-to-market Partners: IBM, SAP, Microsoft “We allow companies to preserve confidentiality, prevent data loss and ensure compliance across more channels and more points with a single unified solution with unmatched user acceptance and total cost of ownership.” - Keng Lim, Chairman and CEO

28. Get the whitepaper on Protecting IP in Collaborative Manufacturing

29. Request a meeting to find out about our end to end information risk protection for SAP customers