[searchandfilter taxonomies="search"]

Detect and Prevent Fraud at the Transaction Level with Adaptive Authentication

According to PwC’s Global Economic Crime and Fraud Survey 2020, 47% of companies experienced fraud in the past 24 months. The survey found that the most common types of fraud were cybercrime, customer fraud, and asset misappropriation. The total cost of these crimes reached a staggering $42 Billion. Considering that most large enterprises deploy ERP applications to run their financial and purchasing operations, greater visibility and control of transactions that are executed within ERP applications is crucial. Adaptive authentication at the transaction level can provide a simple yet effective control mechanism to detect and prevent financial fraud.

What is Adaptive Authentication?

Also known as dynamic multi-factor authentication (MFA), adaptive authentication allows you to implement MFA challenges based on the user’s risk profile. It allows you to orchestrate security policies that can trigger an MFA challenge based on attributes like location, IP address, time, device type, etc. While most MFA solutions do this when a user logs into the application, implementing MFA at the transaction level for sensitive transactions creates an additional security layer based on the perceived risk of access.

How Transaction Level Adaptive MFA Detects and Prevents Fraud

Layered Security: Implementing multi-factor authentication at the transaction level creates a preventive control layer within your ERP applications. For example, sensitive transactions like approval of purchase orders, vendors, or payments can be secured in the event of a breach or stolen user credentials.

Monitoring and Detection: One of the major challenges in ERP applications is gaining visibility into the thousands of transactions that take place every day. With transaction-level MFA, security and audit teams can monitor sensitive, high-value transactions with detailed logs of who is approving what and when. This leads to faster detection of suspicious user activity that could lead to fraud.

Risk Mitigation: With users logging in remotely and through personal devices, adaptive MFA at the application access and transaction-level can be triggered based on contextual risk. This allows organizations to implement multiple control layers to mitigate their overall security and financial risk.

Adaptive Authentication with Appsian Security

The Appsian Security Platform enables organizations to take a risk-based adaptive approach to ERP security. The platform allows you to implement Dynamic Multi-Factor Authentication at the transaction level, creating a logged record of sensitive transactions. Using an attribute-based access control (ABAC) security model, every authentication request is first analyzed for level of risk, and MFA challenges are deployed accordingly. Security teams can also centrally enforce strict identity and device zero-trust policies across multiple ERP applications.

Schedule a demo to find out how Appsian’s enterprise MFA solutions can enhance your fraud prevention and detection capabilities.

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Appsian How-To: Enforce Transaction Level Policy Controls in SAP

The typical business application’s role-based access control (RBAC) security model provides poor dynamic transaction level policy control enforcement. In this video demonstration, you’ll see how to enforce transaction level controls in SAP using attribute-based access controls (ABAC). You’ll also see how Appsian Security’s analytics platform, Appsian360, allows you to monitor user behavior around those transactions and spot deviations from normal behavior.

Gartner recommends transitioning from the static RBAC security to Adaptive Security found in an Attribute-Based Access Control (ABAC) security model. ABAC allows you to set controls based on policies and enforce that control at the transactional level or at the field level. The good thing about this is we can enforce transaction level controls in one place, and we can make it work across the different transactions. In other words, it’s a one-to-many level of control.

You can then use Appsian360 to monitor the most often run transactions, where they are most frequently run from, and the active status of these transactions.

What is Adaptive Security?

Adaptive security is an approach to managing security that analyzes behaviors and events to protect against and adapt to threats before they happen. With an adaptive security architecture, an organization can continuously assess risk and control effectiveness monitoring and automatically provide proportional enforcement that can be dialed up or down to fit its need.

Adaptive Security is configured using combinations of contextual attributes, to enforce policy requirements into the access controls, thus automating policy enforcement.
Adaptive Security constantly monitors and analyzes detailed user behaviors at the transaction and data level to detect threats, and then adapts the security controls to respond to threat with a mitigation action.
The specific policy requirements configured into the access controls become the “key risk indictors” that Appsian360 can monitor to detect and report anomalies and threats.

Contact us today for a full demonstration on how to implement policy controls at the transaction level in your ERP applications.

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

How Step-Up Authentication Protects Access to Sensitive Data

Protecting and maintaining the integrity of data, especially sensitive data, is one of the core objectives of any security strategy. Since a majority of this data is stored and accessed using ERP applications, access to ERPs presents a significant risk to data security. To mitigate this risk, organizations have been deploying multi-factor authentication (MFA). While MFA re-confirms user identity and provides a layer of security at the time of login, it does nothing to reduce the exposure of sensitive data inside the ERP applications. This leaves a majority of the sensitive data unnecessarily exposed and at risk.

Why Sensitive Data Needs Additional Protection

Businesses collect, store, and process huge volumes of data every single day. This data includes sensitive information like Personally Identifiable Information (PII), financial information, intellectual property, healthcare records, and business intelligence. The value of this data puts it at constant risk from both external attacks and insider threats.

According to a 2019 IDC survey, 64% of ERP systems have been breached in the last 24 months. In addition, the 2021 Ponemon Institute Cost of a Data Breach Report pegs the average cost of a data breach at $4.24M, and the 2020 Cost of Insider Threat Report found that negligent employees or contractors were the biggest cause (63%) of insider threats. These findings are a clear indicator that many enterprises still struggle to control access to sensitive ERP data.

How Step-Up Authentication Protects Data

One of the most common challenges across industries is user over-provisioning. It basically means that users have more authorizations and privileges than they require granting them access to sensitive data even when it’s not needed. This not only increases access risk but also could lead to privacy violations and audit failures.

Step-up authentication allows security teams to implement an MFA challenge in-line with sensitive data fields like Social Security Number, Credit Card Information, bank accounts details, or any other sensitive field inside your ERP applications. It puts a control mechanism at the data field level creating an additional layer of security within your ERP systems to protect data, minimize exposure, and mitigate risk.

The Need for Dynamic Step-Up Authentication

Step-up authentication is a simple and effective solution to protect sensitive data. However, the number of MFA challenges a user has to complete to access data can increase significantly when implemented. To overcome this challenge, organizations need to take an adaptive security approach by shifting to an attribute-based access control security model. This allows security teams to implement step-up MFA challenges only when the context of access is considered risky.

For example, a step-up authentication challenge can be triggered when a user is logging into the ERP application from another country or with a personal device. Based on the organization’s security policy and compliance regulations, MFA challenges can be implemented dynamically at the field level after determining the risk posed by a specific access.

Other Benefits

Implementing dynamic step-up authentication at the field level enables enterprises to take their Zero Trust framework beyond the gate and deeper into applications. It also helps security teams to monitor access to sensitive data and detect unusual user activity. From a compliance perspective, step-up MFA protects sensitive data from unauthorized access and provides an audit trail.

Though all data within the enterprise network is considered private, sensitive data assumes greater significance due to its inherent value and compliance regulations applicable for its protection. The adaptive security capabilities of the Appsian Security Platform protect sensitive ERP data by implementing attribute-based access control to reduce the overall access risk and dynamic MFA at the field level that offers a layered security control.

Schedule a demo with our ERP experts to learn how you can deploy step-up authentication for sensitive data access.

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Appsian How-To: Easily Identify & Explore User-level SoD Violations in Oracle EBS

Automation is simplifying Segregation of Duties. In this video demonstration, you can see how Appsian can identify, explore, and resolve SoD violations in Oracle EBS and beyond. Leveraging user behavior profiling and actual usage data, Appsian turns the complex task of managing SoD into something you can handle with ease.

About Appsian

Appsian helps you comply with compliance regulations like Sarbanes-Oxley (SOX) by providing a single control point to manage and enforce segregation of duties (SoD) – across multiple ERP platforms.

Appsian is a full-suite solution that includes SoD rules definition, conflict analysis & resolution, real-time violation prevention, and detailed incident analysis. For example, if a violation is pre-approved, you can quickly create remediation (mitigation factor), so this violation will not appear again in the reports.

Appsian’s proprietary technology analyzes user behavior and usage data paired together with vast amounts of hands-on experience in the field of risk assessment to resolve conflicts. The solution can assess SoD risks and violations based on users’ actual usage, not only on their given authorizations. This allows the auditing of specific violation events in real-time. Of course, the best way to handle violations is to solve them clearly and quickly. Appsian features a conflict resolver tool that will remedy conflicting roles within a few seconds by pointing out the best combinations of authorization roles to change to solve the violations.

Appsian can also add real-time preventative SoD controls that stop violations at run-time – regardless of a user’s existing authorizations. This allows users with SoD exceptions to maintain the flexibility granted to them while ensuring no actual violations occur. In addition, these preventive SoD controls ensure that SoD rules are followed and drastically reduce or eliminate the manual reviews that were required using a detective approach.

Schedule your demo today and learn how Appsian can help your organization get clean and stay clean by eliminating the complexities in SoD.

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Uniting Q Software & Appsian Security: Thoughts from Q Software CEO, Mike Ward

Taken from Mike Ward’s original November 3rd blog post on www.qsoftware.com:

For years, Q Software has worked closely with our customers to provide the strongest set of GRC, security, and audit tools available for the Oracle market. To continuously increase value for our customers, we are always striving to make strategic improvements to our products and services. With this in mind, we’re excited to announce that we’re joining forces with Appsian Security, a global leader in ERP data security and compliance for the Oracle and SAP ERP markets.

Appsian Security specializes in dynamic, preventative access controls and real-time monitoring that provides critical layers of control and visibility so ERP customers can detect and prevent security threats. Most unique, Appsian Security solutions are specifically designed for and natively implemented in ERP applications – giving Oracle, SAP, etc., customers maximum levels of data security without custom development, additional hardware, or impact on future application updates.

Joining the Appsian Security Family

When Q Software was approached by Appsian Security, it became clear that a combination of our offerings would provide tremendous value for our customers. Q Software focuses on reducing the cost and complexity of managing risk, demonstrating regulatory compliance, and protecting our customers from fraud. Appsian Security focuses on protecting data at the transaction layer by applying dynamic, fine-grained controls if a user’s access indicates risk. Together, we’ll create the next generation solution for automating how ERP customers manage and enforce critical (GRC) processes like identity & access governance, segregation of duties, data loss prevention, and enabling data privacy and compliance reporting.

Introducing New Capabilities for Data Masking

One of the most critical innovations Appsian Security offers is the ability to apply dynamic data masking on any field using a policy-based (i.e., one-to-many) rules engine. Masking rules can be influenced by everything from the context of user access to business processes and application artifacts:

1. Conditional Masking– Mask fields based upon attributes of a session
2. Click to View Masking– Allows data to be masked upon entry to the form, user clicks masked data to expose information, which is tracked, logged, and easily accessible in Appsian360
3. Static Masking– Ability to mask application data for certain users or forms

Example Oracle EBS screenshot that shows a default data mask. Masking can stay in place or be removed using a “click-to-view.” This feature captures the masking removal action by the user, creating a log of activity.

Data Access and Usage Analytics

One of the cornerstones of demonstrating compliance is visibility. I am very excited about Appsian Security’s features for data access and usage analytics, as they solve the growing challenge of understanding granular levels of data access (across multiple systems) and making that data actionable for security and compliance purposes.

Click to view usage: Easily audit the unmasking of specific data fields (when using click-to-view masking.) Identify where, when, and who is accessing data by device type.

Understand which users are executing specific transactions and understand the specific data they are accessing. Perfect for investigating potential fraud and enabling SOX compliance reporting.

What the Future Holds

I couldn’t be more excited about joining the Appsian Security family. I will remain in a leadership role, and the rest of the Q Software team, with their unbeatable experience, will continue to provide world-class products and services for JD Edwards users and the broader Oracle ERP market.

Thanks to Appsian Security, we are now able to increase our investment in further developing and expanding the scope of our great JDE solutions, as well as introduce exciting new capabilities for the benefit of our customers.

I would encourage you to learn more about Appsian Security at www.appsiansecurity.com and reach out to receive a demonstration of their data security platform. Or you can reach out to your contact at Q Software, and we’d be happy to facilitate an introduction.

Please do not hesitate to reach out with any questions!

Sincerely,

Mike Ward

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

How Identity Governance and Administration (IGA) Compliments IAM to Improve Data Security

Identity, Governance, and Administration (IGA) is defined by Gartner as an “activity within the identity and access management function that concerns the governance and administration of a unique digital representation of a user, including all associated attributes and entitlements.” In simpler terms, IGA capabilities help organizations govern and monitor user activities inside the application to detect and respond to user behaviors or policy violations.

IGA is a superset of Identity and Access Management (IAM) and was born out of the need to extend data security and compliance practices within applications. IGA goes beyond IAM control measures to monitor user activity within a given application and implement controls that enable governance and policies at a granular level.

How IGA Enhances Data Security in ERP Applications

Reduces Risk of Data Access

Traditional IAM solutions verify the user’s identity and, once verified, provide access to ERP applications based on the roles assigned to that specific user. Consequently, the user gains access to all authorizations allowed by their roles. The IAM solution has little to no control over what the user does once access has been granted. This creates a governance challenge and increases the overall risk significantly.

The Appsian Security Platform builds on existing Role-Based Access Controls (RBAC) to create a security layer based on the context of access, such as time, device, location, IP address, etc. Using Attribute-Based Access Control (ABAC), Appsian allows you to restrict and/or mask user access to sensitive data at the page and field level inside your ERP applications. This gives security teams the controls they need to not only determine risk but also mitigate it across ERP applications.

Enables Layered, Policy-Based Security Controls

The ability to orchestrate and enforce policies within your ERP ecosystem is key to controlling user access to data and transactions. This is especially true when companies must follow mandatory data privacy regulations like CCPA, GDRP, and Sarbanes Oxley. Without the necessary governance and controls in place, companies could face audit failures and huge fines, not to mention the loss of customer trust.

The Appsian Security Platform allows you to implement layered security controls within your ERP applications. The platform’s ability to mask data at the field level shields sensitive PII data like Social Security Numbers, bank account details, etc. While the Click-to-View feature allows users to view data when needed, it also creates an access log that helps security teams detect suspicious user activity. Appsian also enables you to implement in-line authentication challenges to perform sensitive transactions. In addition to creating layered security controls, these features also provide a reliable audit trail and enhance compliance.

Streamlines User Authorizations

User authorization is an integral part of IAM, but once the authorizations have been granted, traditional IAM solutions offer minimal insights into how these authorizations are being used. Granting new authorizations to users, also known as user provisioning, is usually a manual process that directly impacts Segregation of Duties (SoD). In many companies, the volume of authorization requests that ERP admins receive is so overwhelmingly high that it results in users being over-provisioned, i.e., having more authorization than they need. This increases your overall data access risk and leads to SoD violations that eventually become the cause of serious compliance deviations and audit failures.

To overcome this governance challenge, the Appsian Security Platform enables you to monitor authorization usage in real-time. The platform’s adaptive security provides a 360° view over authorization and behavior-based user activity to detect SoD violations while providing steps for remediation. Appsian also deploys Artificial Intelligence (AI) and Machine Learning (ML) to create user profiles which are then analyzed to recommend removal of unused authorizations and detect deviations in authorization usage. Appsian automates the tediously manual ERP authorization management process while decreasing the risk to data access and enabling higher compliance standards.

Schedule a demo with our security experts to find out how Appsian’s adaptive security enhances data security and compliance within your ERP applications.

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Material Weakness Series Part 3: Ineffective Transaction Level Controls

In the previous article of this series, we talked about data field-level controls and how you can resolve a data field-level control weakness with security best practices. This article goes one level deeper from ERP data fields to ERP transactions. Sensitive transactions like approving payments, adding vendors, and modifying contracts have a direct impact on the business. Without the necessary transaction level controls, they could create red flags during an audit, leading to discovering a material weakness.

What is a Transaction Level Control?

Transaction level controls are intended to detect and/or prevent errors, misappropriations, or policy non-compliance in a financial transaction process. Effective transaction-level controls help organizations achieve their mission and strategic objectives for a given business process transaction by appropriately mitigating inherent risks. Weak transaction controls could lead to fraud, mishandling of payments, or financial errors that eventually impact the company’s annual or interim financial statements.

How to Resolve Transaction Level Control Weaknesses

Resolving transaction level control weaknesses requires implementing specific solutions that enable you to create a security layer at the transaction level of your ERP application. A simple and direct method of achieving this is implementing Multi-factor Authentication (MFA) at the transaction level. While many organizations use MFA to secure ERP access, the authorization granted during login gives the user unlimited access to transactions related to the user’s role.

However, by deploying step-up MFA for sensitive transactions, you can re-authenticate identity and monitor and create an access log for these transactions. This also helps security teams flag suspicious transaction activity by the user, thereby adding a preventative and detective control at the transaction layer of your ERP application.

Implementing Transaction Control with Appsian

The Appsian Security Platform allows you to force MFA challenges at the transaction level to ensure Zero Trust, not just at the initial access but also deeper within your ERP applications. Appsian also enables you to go beyond Role-Based Access Control (RBAC) security models to a dynamic security model like Attribute-Based Assess Control (ABAC). The platform considers a user’s contextual attributes like access location, time of the request, device type, etc., before establishing trust and granting access to data or transactions. Your security teams can use these dynamic user privileges to enforce multi-factor authentication for partial or full access to sensitive data and transactions

The Appsian Security Platform natively integrates into your ERP web server without requiring customizations or additional servers. Security teams can use their existing MFA Vendors like Duo Security, Okta, SafeNet, Microsoft Authenticator, and more to force MFA challenges at the ERP transaction level.

Schedule a demo with Appsian ERP experts to understand how you can implement layered security controls inside your ERP applications to protect sensitive transactions.

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Material Weakness Series Part 2: Ineffective Data Field Level Controls

In the first article of our material weakness series, we addressed what a material weakness is and how an ineffective access control weakness can be resolved. This article will look at another critical control weakness that can occur at the data field level.

What are Data Field Level Controls?

Field-level security settings, or field permissions, are intended to control whether a user can see, edit, and delete the value for a particular field on an object. These are the ERP data security capabilities that allow organizations to protect sensitive fields such as a candidate’s social security number without having to hide the candidate object. However, when these field-level controls are not configured correctly, users may be able to see sensitive personally identifiable information required by compliance regulations like CCPA and GDPR to be safeguarded.

How to Resolve Data Field Control Weaknesses

Protecting data at the field level is crucial from a data integrity and data privacy point of view. Here are six steps you can take to enhance field-level controls within your ERP applications:

Implement the Zero-Trust security model that enforces the principle of never trust, always validate.
Effectively using Multi-Factor Authentication (MFA) and enforcing MFA at various layers – login, critical transaction level, and critical data field level to enable layers of security.
Implement layered security, also known as defense in depth (DiD), in overlapping layers of controls that typically provide the three control capabilities needed to secure assets: prevention, detection, and response. While no individual security control is guaranteed to stop 100% of the cyber threats, layered security provides mitigations against a wide variety of threats while incorporating redundancy or compensating controls in the event of a control failure.
Transition from static security found in Role-Based Access Control (RBAC) security models to a dynamic security model like Attribute-Based Assess Control (ABAC) that enables the enforcement of policy requirements into the access controls at the transaction and data level.
Design dynamic security controls capabilities to improve their ability to identify, detect, prevent, and respond to anomalies and threats.
Perform periodic control assessments to validate the effectiveness of the existing controls.

Protecting Data Fields with Appsian Security

The Appsian Security Platform has been designed specifically to address security and governance challenges that companies face within their ERP ecosystem. Appsian offers a range of solutions that enable you to implement Zero Trust security. From multifactor authentication at the login level to masking of sensitive data fields with the ability to reveal data only after authentication, Appsian provides complete control over data access and data exposure that goes beyond the initial access.

Appsian’s attribute-based access control also ensures that authorizations are not absolute. It considers the context of access when allowing or restricting data access even at the field level. For example, the click-to-view feature provides access to data while also maintaining a log of what sensitive data was accessed when and by whom. The Appsian Security Platform takes a layered approach to security within your ERP ecosystem to enable field-level controls that prevent, restrict, and monitor access and modification of any field data.

Take a first-hand look at how Appsian can enable field-level controls in your ERP applications without disrupting business operations. Schedule a demo with our ERP experts.

Next in the Series: Ineffective Transaction Level Controls

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Material Weakness Series Part 1: Ineffective Access Controls

This is the first article of a multi-part series featuring material weaknesses. Each piece will focus on one critical internal control weakness and provide solutions on how to resolve the weakness with granular security controls.

The purpose of an independent audit of a company’s financial reports, called a Financial Statement Audit, is to form an opinion by the independent auditor if the current and potential investors can rely upon the accuracy and completeness of the company’s financial statement. During this audit, the auditors will evaluate the design and operating effectiveness of the internal controls intended to manage the risks relevant to maintaining the accuracy and completeness of the financial reports. The auditor may identify deficiencies in the company’s internal control over financial reporting, which will be ranked from lowest to highest impact as Control Deficiency, Significant Deficiency, or Material Level Weakness.

What is a Material Weakness?

According to the PCAOB, a material weakness is “a deficiency, or a combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of the company’s annual or interim financial statements will not be prevented or detected on a timely basis.” Companies with material weaknesses are required to report them in their public SEC filings in the period in which they were identified. There are multiple types of internal control weaknesses that could lead to a material weakness.

Access Control Weakness

Segregation of duty (SoD) security violations are among the most common examples of an access control issue in ERP applications that lead to an auditor reporting a material-level control weakness. The principle of SoD is based on appropriately segregating critical duties to more than one person. For example, a single person should not have the ability to create and approve vendors, nor should that same person have the ability to create and approve payments. These four access rights could easily lead to fraudulent activity.

Resolving SoD Security Violations with Appsian

The avoidance of SoD security violations within your ERP application starts with an effective user-provisioning process that enables organizations to proactively analyze the role assignments to verify that no SoD violation exists before authorizing the access assignment. Unfortunately, most organizations use manual user provision processes that are tedious and error-prone.

Appsian automates your user-provisioning, de-provisioning, and access recertification process and enables real-time detection and prevention of SoD violations. The Appsian Security Platform also continuously monitors user behavior and authorization usage. This allows organizations to de-provision unused authorizations and flag sudden deviations in user activity, thereby reducing the overall risk and enhancing threat detection.

Define Scope of Process

Choose what and whom to review. Activities, Authorizations, Roles, Employees and System
Commence Review

A list of authorizations is sent for approval then facilitated to the next level of approvers
Complete Review

Upon reaching a well-grounded decision, the next level of approvers are able to confirm with just one click
Seal the Process

Upon completing the process, the results are sent to the security managers to implement changes

Some of the other leading practices offered by Appsian to prevent SoD violations include:

Policy-Based Access Control
With policy-based access, organizations can go beyond roles to implement controls based on contextual attributes. A policy-based access control security model improves your policy enforcement capability at the SoD level.

Identity & Access Management (IAM)
Authorization, being an integral part of IAM, allows you to increase the effectiveness of your user-access management lifecycle process. By implementing dynamic MFA at the login, page, and data field level, you can ensure sensitive data and transaction changes are logged and protected.

Identity Governance & Administration (IGA)
With real-time user monitoring, you can remove unnecessary authorizations while gaining governance and oversight of all user access to increase your ability to detect and prevent SoD violations.

The Appsian Security Platform gives you complete visibility and control of your ERP applications from the inside to resolve critical material control weaknesses. See the Appsian Security Platform in action by scheduling a demo.

Put the Appsian Security Platform to the Test

Schedule Your Demonstration and see how the Appsian Security Platform can be tailored to your organization’s unique objectives

Request a Demo

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others

Platforms

Features

Register for an Upcoming Webinar

SAP

PeopleSoft

Appsian360

Review

Webinars

Persona

Register for an Upcoming Webinar

Customers

Video Testimonials

Featured Case Studies

Why Appsian

Management Team

Careers

Press Releases

Partners

Contact Us

Customers

Partners

Home / Blog / Detect and Prevent Fraud at the Transaction Level with Adaptive Authentication

Detect and Prevent Fraud at the Transaction Level with Adaptive Authentication

What is Adaptive Authentication?

How Transaction Level Adaptive MFA Detects and Prevents Fraud

Adaptive Authentication with Appsian Security

Related Articles.

Put the Appsian Security Platform to the Test

Home / Blog / Appsian How-To: Enforce Transaction Level Policy Controls in SAP

Appsian How-To: Enforce Transaction Level Policy Controls in SAP

What is Adaptive Security?

Related Articles.

Put the Appsian Security Platform to the Test

Home / Blog / How Step-Up Authentication Protects Access to Sensitive Data

How Step-Up Authentication Protects Access to Sensitive Data

Why Sensitive Data Needs Additional Protection

How Step-Up Authentication Protects Data

The Need for Dynamic Step-Up Authentication

Other Benefits

Related Articles.

Put the Appsian Security Platform to the Test

Home / Blog / Appsian How-To: Easily Identify & Explore User-level SoD Violations in Oracle EBS

Appsian How-To: Easily Identify & Explore User-level SoD Violations in Oracle EBS

About Appsian

Related Articles.

Put the Appsian Security Platform to the Test

Home / Blog / Uniting Q Software & Appsian Security: Thoughts from Q Software CEO, Mike Ward

Uniting Q Software & Appsian Security: Thoughts from Q Software CEO, Mike Ward

Joining the Appsian Security Family

Introducing New Capabilities for Data Masking

Data Access and Usage Analytics

What the Future Holds

Related Articles.

Put the Appsian Security Platform to the Test

Home / Blog / How Identity Governance and Administration (IGA) Compliments IAM to Improve Data Security

How Identity Governance and Administration (IGA) Compliments IAM to Improve Data Security

How IGA Enhances Data Security in ERP Applications

Related Articles.

Put the Appsian Security Platform to the Test

Home / Blog / Material Weakness Series Part 3: Ineffective Transaction Level Controls

Material Weakness Series Part 3: Ineffective Transaction Level Controls

What is a Transaction Level Control?

How to Resolve Transaction Level Control Weaknesses

Implementing Transaction Control with Appsian

Related Articles.

Put the Appsian Security Platform to the Test

Home / Blog / Material Weakness Series Part 2: Ineffective Data Field Level Controls

Material Weakness Series Part 2: Ineffective Data Field Level Controls

What are Data Field Level Controls?

How to Resolve Data Field Control Weaknesses

Protecting Data Fields with Appsian Security

Related Articles.

Put the Appsian Security Platform to the Test

Home / Blog / Material Weakness Series Part 1: Ineffective Access Controls

Material Weakness Series Part 1: Ineffective Access Controls

What is a Material Weakness?

Access Control Weakness

Resolving SoD Security Violations with Appsian

Define Scope of Process

Commence Review

Register
for an Upcoming
Webinar

Register
for an Upcoming
Webinar