For a number of years now, SAP has been pursuing a new strategy for how SAP users interact with its software. Complex SAP applications are being subdivided into role-based SAP Fiori apps, with the aim improving user friendliness while also enhancing the user experience. A rising number of companies are considering implementation of SAP Fiori apps and are now faced with determining which authorizations must be allocated to their employees for access to the app.
Identity and Access Management
SAP authorization management put to the test at Berliner Wasserbetriebe
Berliner Wasserbetriebe, Berlin’s water supply and wastewater disposal company, is a public institution and is therefore subject to special legal requirements. High security standards apply to both business processes and its IT operations. As a consequence, setting up transparent SAP authorization management company-wide to meet all of these requirements was one of the water company’s most critical tasks.
SoD-Free User Management via Web Services
Managing a large number of user accounts often presents companies with a major challenge. It’s particularly difficult when user identities need to be maintained in several systems, directory services, or databases. This frequently results in a lack of transparency, conflicts in the segregation of duties (SoD), and an increase in the effort required to address them.
Authorizations for batch processing in NetWeaver and S/4HANA environments
Despite the increasing use of web interfaces in the context of S/4HANA, batch processing is still required for mass data. However, our experience in customer projects has shown that very few administrators know how manage authorizations properly in such scenarios. SAP OSS Note 101146 offers a good overview in this regard. In this blog post, we want to provide a condensed explanation of how the practical aspects interrelate.
Cut Down on Critical SAP Authorizations Without Interrupting Operations
Companies that operate SAP systems are subject to an annual audit by an auditor. Often, SAP authorizations are also examined. The audits check for separation of duties (SoD) and critical authorizations, in particular where SAP Basis Administration is concerned. Read this blog to learn how you can quickly reduce critical SAP authorizations (auditor findings).
Study shows SAP systems especially prone to insider attacks
After many years working in the field of SAP security, I am still regularly surprised to discover how much Hollywood has contributed to the discussion on cybersecurity. The common perception is that of a hacker sitting at home in front of several screens and using cryptic commands to hack into corporate networks. The recently published “Insider Threat 2018 Report” however, shows that insider attacks represent a much more serious threat. As far as the security of SAP systems is concerned, insider attacks are by far the greater problem. Why that is the case and what the main risks are is the subject of this post. Continue reading
Why passwords are pricey – and how you can still keep costs down
A password is both a blessing and a curse. The blessing is that it permits relatively secure authentication. The curse is that because the complex passwords required for secure login are often too hard to remember, even for those with good memories. A forgotten password is annoying for users. It also costs a lot of money. Read more to learn just how high the costs can be and how you can avoid them.
C/4HANA – how does security work for this? Our take.
C/4HANA is the name of the newest product in the SAP portfolio. The company based in Walldorf, Germany, promises nothing less than a revolution of customer experience. But is C/4HANA secure? And what does “C/4HANA” mean, anyway?
Achieving effective IT risk management with dynamic mitigation groups
Holistic, effective risk management in IT will help you make sounder decisions faster and present tremendous potential for value creation throughout your company. In practice, however, we continue to witness a lack of measures appropriate for identifying dangers early on. IT risk management is too often understood as a reactive process.
Central license management: the fast lane to security with SAST
Did you know that you can distribute licenses easily and automatically via RFC starting from SAST SUITE Release 5.0?