Search

On May 12th, President Biden signed an Executive Order to help improve the nation’s cybersecurity posture and strengthen Federal networks. This order was preceded by several high-profile attacks like SolarWinds and most recently, the Colonial Pipeline – both of which highlighted key deficiencies in the federal government’s ability to detect, respond, and ultimately communicate about…

Here are two use cases that might sound familiar… While organizations spend millions combatting external threats, for example, hacking, phishing, and ransomware, we at Pathlock have found most data security use cases are focused on data governance across the enterprise. Simply put, what can someone access depending on where they’re located, what business unit they…

Collin County, like all counties in Texas, is considered an extension of state government. Located just north of Dallas, Collin County (the County) provides various government services to its more than 1,000,000 residents. The County’s security team is responsible for enabling secure yet convenient access to appropriate information and services for their on-premise installation of PeopleSoft….

What is Separation of Duties Security? Separation of duties (SoD) is a principle that restricts users from getting more privileges than needed, with the aim of preventing abuse of privileges. For example, employees preparing paychecks should not also have permission to authorize them, because that would create a short circuit where they could overpay themselves…

What are SoD Conflicts? Organizations separate duties in order to prevent the abuse of critical combinations of operations. To avoid criminal activities by one insider, and comply with relevant regulations, management should implement preventive measures, which include separation of duties (SoD). To prevent abuse of access rights, organizations first need to identify SoD conflicts. This…

Companies using SAP typically have some type of structured governance, risk, and compliance (GRC) strategy to manage their overall governance and enterprise risk management and meet compliance requirements. An essential component of any GRC strategy is detecting and resolving SAP segregation of duties (SoD) conflicts. SoD weighs heavily on financial management and reporting, especially for…

As SAP ECC customers prepare for their migration to S/4HANA, they are assessing the pros and cons of this transition in terms of cost, compliance, and data security. A critical step in an S/4HANA migration involves a thorough SAP audit of the existing roles and authorizations and optimizing license spends for the current users. Organizations…

What is Segregation of Duties? Segregation of Duties (SoD) is an internal control measure that all organizations should adopt to stop error and fraud, and is especially important when complying with regulations like the US Sarbanes-Oxley Act of 2002 (SOC). SoD ensures that more than one person carries out the tasks required to bring a…

Third-Party Risk Management (TRPM) is the process of analyzing and controlling risks presented to your company, your operations, your data, and your finances by Third Party Service Providers (TPSP). Most companies rely on a network of third-party vendors, suppliers, and service providers to support their business. As an integral part of the overall business operations,…