Product & Pricing
Proposal
Sales Director
Trevor Tibbals
May 27, 2020
3
MISSION
• Provide Consumers Energy with modern, scalable and automated
Identity, Governance, Administration and Security services that are
business friendly and efficiently grant the right person the right access
while giving Consumers Energy the necessary insights to ensure access
to sensitive data is being tracked appropriately
Confidential
4
Objectives
Governance
Establish an effective riskbased governance program
that can deliver benefits by
quickly delivering flexible
and repeatable processes
and meeting audit and
contractual requirements.
Automation
Provide IAM tools and
services that align with
modern standards and
best practices to drive
operational efficiency,
continuous compliance,
scalability, service delivery,
and reliability.
Awareness
Improve situational
awareness and visibility via
automation that provides
the speed and accuracy of
identifying who has access
to applications, data and
infrastructure for all user
types.
Confidential
5
Obligations
• Establish visibility across ABAP Systems, data, and infrastructure for
proper access, security, and enablement
• Align security and business enablement to ensure compliance
• Improve delivery of system access to Consumers through automation
• Meet business entity expectations with effective and reasonable
solutions
Confidential
6
Defined Use Cases
Primary
• Provide Governance and Compliance needs for SAP ABAP systems
• SOD Analysis, Mitigating Controls, User Access Review, Firefighter / Emergency
Access Management
• Integration
• Platform needs to be able to integrate with SAP IDM and OneIdentity
Secondary
• Extend GRC Capabilities to non SAP ABAP Apps
• Attestation, Provisioning, User Access Requests, SOD Management
• Potentially allowing further consolidation and the capability to sunset SAP IDM
Confidential
Saviynt Intelligent Identity Hub
1
MODULAR
PLATFORM.
5
PRODUCTS.
IDENTITY RISK EXCHANGE
IDENTITY
GOVERNANCE &
ADMINISTRATION
or
APPLICATION
ACCESS
GOVERNANCE
INTELLIGENT
PLATFORM
99.5% or higher availability
Flexible deployment model
DATA ACCESS
GOVERNANCE
IDENTITY
HUB
CLOUD
PRIVILEGED
ACCESS
MANAGEMENT
SOC2
Type II
CAPABILITIES
Secure Saviynt Cloud with
FedRAMP ATO certification
(on Saviynt Cloud or on-premise appliance)
Always current, unlimited upgrades
Zero / Low on-premise footprint
120+ connectors incl. built-in RPA
BOT
LARGEST CLOUD IDENTITY GOV. WAREHOUSE
1.4B Identity Associations
25,000 Managed Applications
1M Enterprise Roles
56,000 Requests/Day
Confidential
10
An industry decorated
leader
Named an IGA LEADER
in all 3 major analyst
reports
(Gartner, Forrester,
and KuppingerCole)
“
The only IGA provider
listed in Gartner’s
SOD Monitoring Market
Guide
and AWS Security
Competency
Named an Overall
Leader in
KuppingerCole’s 2020
Leadership Compass
report for SAP Access
Control Tools for SAP
Environments
Saviynt successfully combines two sets of capabilities. On the one hand, they provide strong
support for SAP specifics in access control and management. On the other hand, Saviynt is not
limited to SAP environments, but delivers services for a broad range of target systems, plus
comprehensive IGA capabilities. This allows to build a central solution for IGA and business
software access control.
2018 TRUST
AWARD FINALIST
– KuppingerCole 2020
Confidential
11
”
Recognized as an industry
leader by top analysts
Confidential
12
Saviynt for SAP
"Saviynt differs from other vendors in
this market segment by their focus on
delivering security and access governance
solutions for a broad variety of systems,
including full support for IGA (Identity
Governance and Administration). However,
they also provide
in-depth
KuppingerCole
2020 support for
SAP"
Cross-App SOD
Management
PAM with Audit Log +
Screen Recording
SOD Remediation
Workbench
Automated Identity
Lifecycle Management
Intelligent Access
Request & Preventative
Risk Analysis
Automated Role
Engineering
Risk Based User Access
Reviews
License Management
Continuous Control
Monitoring
Saviynt
Highlights
- From
KuppingerCole’s
2020 Leadership
Compass Report for
Access Control
Tools for SAP
Environments
Confidential
14
Saviynt’s Value to Consumers Energy
FRICTIONLESS
INTELLIGENT
ACCESS.
CLOUD NATIVE.
Support for hybrid with
right tenancy
ACCELERATED
UNIFORMITY.
FASTER TIME TO
VALUE
BETTER COMPLIANCE
& SECURITY.
Business ready interface, intuitive, seamless, built for collaboration
that reduces end user burden by over 60%
Single & familiar pane for identity + security + compliance management,
deliver more value
Built to scale. Single platform, built grounds-up for seamless
integration
Only fully featured IGA Platform-aaS in the market
Expansive & certified connectors along with built-in BOT
Faster onboarding, lower integration cost by over 50% than legacy vendors
Do more with scarce security resources with low code | no code and outof-box business ready features and solutions from our marketplace
Ingrained deep analytics and intelligence delivers better security at
scale
Strike the right balance between preventive, predictive and reactive
security
Confidential
15
Application Access
Governance
•
Prevent toxic combination of access and reduce internal
fraud
•
Cross-application SOD management to manage end to end
business processes
•
Support for all major ERPs and the ability to onboard
custom apps within 6 weeks
•
Actively prevent proliferation of risky access with
preventive SOD simulation in access request
•
Industry leading IGA platform enabling user lifecycle
automation
more IGA
withvendor
Saviyntto
AAGfeature
–
• DoOnly
in Gartner SOD Controls
Monitoring
Guide
•
IncludedMarket
identity
lifecycle management and risk-based access
request and review, emergency / privileged access management with
session recording
•
Included license management
•
Extend automated integration with custom critical apps with
CONNECTOR BOT
•
Available industry vertical compliance library
Confidential
16
Identity Governance &
Administration
•
Reduce end user friction with industry leading ‘business
ready’ web interface, mobile app, inline browser request
and ServiceNow app
•
Lower end user request approval and review fatigue with
built-in access recommendations
•
Integrated AI/ML identity analytics engine (peer /
outlier, policy-based, SOD risks, etc.)
•
Automate last mile application integration and reduce
human errors during provisioning with built-in CONNECTOR
BOT
Do more with Saviynt IGA –
•
Manage AD, Azure Active Directory and other groups with
integrated succession management
•
Perform service account management including RPA BOT
governance
•
Govern heritage PAM vaults and privileged IDs
•
Manage 3rd party access with vendor and customer access
management
Confidential
17
18
Saviynt’s Proposal – Primary Use Case
Product
Description
Application
Access
Governance
•
•
•
•
•
•
•
•
•
•
•
•
SAV-SW-AAG –SAP
Quantity
Fine grained access hierarchy analysis and management
Out of box SOD ruleset for financial, HR and business processes
Out of box compliance controls library and continuous monitoring
Emergency / fire-fighter access management and monitoring
Application Role / rule mining
Application SOD analysis and remediation, mitigating control management
Attribute-based privilege design and management
Risk and usage analytics
Intelligent access request
Risk-based access certification
Provisioning / assignment of coarse-grained access
Transport for application roles
Up to 11,500 Users
Covers All SAP ABAP
Systems
• 2 Instances (Dev &
Production)
•
•
Annual
Subscription
Training
Services
•
•
•
•
Remote Training – Instructor Lead
We have Level 100 and Level 200 training sessions
$1500/participant based on minimum of 5 participants being purchased
Pricing can very based on the number of sessions being purchased
Annual
Subscription
$313,407
$313,407
$7500
•
5 Participants
Ad Hoc Purchase not
included in above
pricing
Pricing Expires 60 days from presentation
Confidential
19
Saviynt’s Proposal – Secondary Use Case
Product
Description
Enterprise
Identity
Administration
•
•
•
•
•
•
•
•
•
Enterprise
Identity
Governance
•
SAV-SW-ID-ADMIN
SAV-SW-ID-GOVERN
Quantity
Risk based access request management (self-service, delegated)
Automated provisioning & de-provisioning
Enterprise Role Management
Attribute based (ABAC) provisioning rules management
Identity event policy management
Task management
Account and access import / export / reconciliation
Password Management / Self-service or delegated password reset
Reporting and dashboard
Risk-based Access Certification / Attestation (user manager, role owner, resource /
entitlement owner, role content and event-based)
• Enterprise segregation of duty (SOD) assessment and management (risk analysis, risk
remediation workbench, mitigating controls)
• Continuous controls monitoring, reports and dashboard
Annual
Subscription
•
•
•
Up to 11,500 Users
Up to 25 Apps
2 Instances (Dev &
Production)
$140.086
•
•
•
Up to 11,500 Users
Up to 25 Apps
2 Instances (Dev &
Production)
$196,121
Annual
Subscription
$336,207
Pricing Expires 60 days from presentation
Confidential
20
Saviynt’s Proposal – Volume Discount if Purchased Together
Quantity
Annual
Subscription
Product
Description
Enterprise Identity
Administration
•
Same As Previous Slide
•
•
•
Up to 11,500 Users
Up to 25 Apps
2 Instances (Dev & Production)
$102,730
Enterprise Identity
Governance
•
Same As Previous Slide
•
•
•
Up to 11,500 Users
Up to 25 Apps
2 Instances (Dev & Production)
$143,822
Application Access
Governance
•
Same As Previous Slide
•
•
•
Up to 11,500 Users
Covers All SAP ABAP Systems
2 Instances (Dev & Production)
$250,726
SAV-SW-ID-ADMIN
SAV-SW-ID-GOVERN
SAV-SW-AAG –SAP
Annual Subscription
$497,278
Pricing Expires 60 days from presentation
Confidential
21
Included
Product
Description
Annual
Maintenance
•
•
•
•
Platinum Level Support, Maintenance and Managed Platform Services
24x7 support (telephonic, online)
Access to product updates and upgrades
99.5% uptime, coverage: Sev 1 - 24x7 | SLA: Sev 1 - 1h (4h), Sev 2 - 8h (3d), Sev 3 - 24h (7d) [time to respond (time to resolve)]
Managed Platform
•
•
Deployment of available hotfixes, patches as necessary to OS, application and database server, Saviynt software
1 annual upgrade to major release
SAV-SVS-MAINT
SAV-SVS-MGDSVS
Pricing Expires 60 days from presentation
Confidential
Business ready IGA as a Service
Rapid Hybrid
Delivery
Managed Platform
Continuous Upgrades
On Premise
Appliance
On-Demand
Scale
SOC2
Type II
24x7 99.5%
Operations A v a i l a b i l i t y
Feature Enhancements
PLATFORM OPERATIONS
PLATFORM UPGRADE
• Regular system backup / restore
• Monitoring of integration points /
feeds
• Proactive system health and
performance monitoring of Identity &
Access Governance / Intelligence
platform and its integration points
• Troubleshoot platform issues and
incident management, perform
performance tuning
• Participate in root cause analysis
• Perform change control and release
management
• Prepare periodic reports on system
health, performance, audit support
• Provide resolution support for
Severity 1 / 2 / 3 incidents
• Perform OS and DB update /
upgrade / maintenance / hardening
• Deploy Saviynt updates / hotfixes
/ upgrades
• Align release management with
product roadmap
• Merge client specific
customizations with product
upgrades
• Typical upgrade cycle of 1 major
upgrade and 2 minor upgrades
Aligned with
Business Goals
SLAs / OLAs
Time to Respond
(Time to Resolve)
Thank you