In spite of the hype surrounding the cloud, the on-premise model in which customers run their own SAP software is still the norm. However, that doesn’t rule out a service provider handling part of the operations; indeed, hosting is a widely used model, particularly among SMEs. While the roles at hand are usually clearly assigned in a hosting model like this, the same unfortunately doesn’t always apply to SAP system security.
Managing a large number of user accounts often presents companies with a major challenge. It’s particularly difficult when user identities need to be maintained in several systems, directory services, or databases. This frequently results in a lack of transparency, conflicts in the segregation of duties (SoD), and an increase in the effort required to address them.
C/4HANA is the name of the newest product in the SAP portfolio. The company based in Walldorf, Germany, promises nothing less than a revolution of customer experience. But is C/4HANA secure? And what does “C/4HANA” mean, anyway?
Did you know that you can distribute licenses easily and automatically via RFC starting from SAST SUITE Release 5.0?
The IT compliance field poses a major challenge for SAP customers, and in particular, with regard to the compliance of SAP users. It is no coincidence that roles and authorization issues are what many SAP customers find most frustrating.
Security policies allow companies to ensure compliance with data integrity, secrecy, availability and authenticity. Such policies are constantly being updated and scaled to keep up with changes to ongoing operations. When additional policies are added in compliance with guidelines – for example a software update or a DSAG audit, the policy must be compared. To date, this has required checks by hand. Since the Release 5.0 SAST SUITE offers solution, providing automatic identification and adoption of deltas where policies differ.
As the years pass by, companies are increasingly facing the oft-lamented lack of experts. Bright minds thinking about information technology and how to implement it, maintain it and, especially, secure it, are far and few between. And the risks grow in line with the increasingly complex IT environment. Most IT departments are simply in over their heads in the face of this challenge. For this reason, security for systems and storage of critical company data is often pushed to the bottom of the to-do list.
Consider this: Managed services offer quick, and most importantly, secure solutions.
Since the new General Data Protection Regulation (EU GDPR) is fully effective, companies must now face new challenges with respect to protecting personal data.
To meet the guidelines under the GDPR, we can help with two modules of SAST SUITE in particular: SAST HCM Read Access Monitoring and SAST Superuser Management.
Time and again, we’ve seen subpar handling of risk resolution in practice for RFC interfaces, with no guarantee for maintaining proper and secure operating conditions.
In today’s practical tip, we give you a step-by-step explanation of how you can secure your SAP gateways against unauthorized calls.
After upgrading to a new SAP release, customers often face the challenge of using the SAP transaction SU25 to bring their authorizations up to speed, as well.
In today’s practical tip, Steffen Maltig shows you how to save up to 90% of the resources this normally requires.