SAP Cloud Identity Access Governance (IAG) Overview and Updates

SAP Cloud Identity Access Governance(IAG) is SAP's innovation for Access Governance. After a highly successful SAP Access Control 12.0 release, SAP has now released some of the latest innovations on the SAP Cloud Identity Access Governance application. SAP Cloud Identity Access Governance (IAG) is a multi-tenant solution built on top of? SAP Business Technology Platform (BTP) and SAP's proprietary HANA database.

SAP Cloud Identity Access Governance(IAG) is bundled with SAP Business Technology Platform(BTP) Identity Provisioning Service(IPS) and Identity Authentication Service(IAS).

• SAP Cloud Identity Access Governance(IAG) 2205 (May 2022) version is released with product enhancements in the areas of Ariba Integration( via SCIM API), Mitigation Assignment Reporting, Management of User IDs mapped through multiple cloud applications, Added authorization checks for Access Control bridge integration, Conditional UI fields and more.
• SAP Cloud Identity Access Governance(IAG) 2202(February 2022) version is now released with product enhancements in areas of integration with SAP Concur, SAP Sales Cloud, SAP Service Cloud, SAP Advanced Financial Closing, and SAP Intelligent Asset Management.
• SAP Cloud Identity Access Governance(IAG) 2108 version is released with product enhancements in areas such as customizing workflows for access management, additional properties to support OAuth 2.0 Authentication for SAP SuccessFactors, support for provisioning of universal unique ID(UUID) for SAP S/4HANA.
• SAP Cloud Identity Access Governance (IAG) 2105 version is released with enhancements in areas such as extending User Access Review(UAR) for cloud solutions to SAP Access Control through the AC-IAG Bridge Scenario.
• With the SAP Cloud Identity Access Governance (IAG) 2102 release customers can now integrate non-SAP solutions based on Open System for Cross-Domain Identity Management(SCIM)

SAP Cloud Identity Access Governance (IAG) provides out-of-the-box integration with SAP's latest cloud applications such as SAP Ariba, SAP Successfactors, SAP S/4HANA Cloud, SAP Analytics Cloud and other cloud solutions with many more SAP and non-SAP integrations on the roadmap.?

Cloud IAG Services

SAP Cloud Identity Access Governance (IAG) helps customers achieve access control and governance through the below key services:

Access Request Access Request Service provides customers the opportunity to utilize self-service access request forms for user and role provisioning into the Cloud applications along with the power of workflow-driven access provisioning mechanisms along with any other features.

Role Design The Role Design allows users to design access roles with the power of Machine Learning (ML) based algorithms to optimally define and refine the required roles with a bottom-up approach.

Access Certification The Access Certification service in the Cloud Identity Access Governance (IAG) provides the option to certify access spread across multiple cloud solutions by allowing reviewers to regularly audit and certify the roles assigned.

Access Analysis The Access Analysis service is primarily the application meant for security administrators and compliance teams to analyze access risks across cloud applications and refine or remediate access according to the auditory requirements.

IAG Release 2005: We have released a risk ruleset library to detect access needing Segregation of Duties in SAP Cloud applications such as SAP S/4HANA Cloud, SAP Ariba, and SAP Successfactors.

Privileged Access Management

Privilege Access Management is another service that is provided in the Cloud Identity Access Governance (IAG) solution to monitor, report, audit and take action against any critical access in a critical environment such as a Cloud application.

Cloud Identity Access Governance (IAG) is maintained by SAP DevOps which is responsible for the constant upkeep, maintenance, and pushing of new enhancements.

Privileged Access Management(PAM) is now beta-released(for ABAP connectors) in the latest IAG 2005 release for Privileged Access provisioning and privileged/emergency access monitoring(Firefighter) through the Cloud IAG application.

SAP Cloud Identity Access Governance (IAG) 2401 version is now released with added functionalities such as Manage Jobs to help customers synchronize Segregation of Duties (SoD) rules from SAP Access Control 12.0 to SAP Cloud Identity Access Governance (IAG) in addition to Creation of Access Review Campaigns for coordinators to receive alerts when campaigns are overdue.?

SAP Access Control-IAG Bridge

The most talked about feature of Cloud Identity Access Governance (IAG) is the SAP Access Control-IAG bridge which provides customers the flexibility of continuing to use their existing SAP Access Control 12.0 environment as the primary system for Access Control and have the IAG bridge take care of the Access Control services or applications for the cloud environment.

#Identity Provisioning,

#SAP Access Control,

#SAP Cloud Identity Access Governance