SAP GRC Access Control identifies and prevents access and authorization risks by ensuring that the right access is given to the right people based on an employee’s role. Unfortunately, these roles are static, meaning they do not leverage contextual attributes common in today’s dynamic workplace. They require manual updates as users move around the organization and change their job scope.
Pathlock extends the existing SAP GRC Access Control with data-centric security policies that leverage the context of access to reduce risk. While SAP GRC assigns access based on specific roles, Pathlock’s dynamic rules consider the context of access (who, what, where, when, and how) before allowing access to transactions or data.