Technical SAP users that have extensive authorizations like SAP_ALL pose a heightened security risk. Vulnerabilities can endanger interfaces and paralyze processes. As such, external auditors are intensifying their focus on authorization management. One of our customers – a company in the energy sector – recently faced the challenge of having to restrict the authorizations of its technical users (batch processing/RFC interfaces).
One of our long-standing customers, the largest forklift manufacturer in Europe, uses the SAST SUITE for its SAP authorization management alongside a variety of IT services from akquinet AG. As part of a compliance project, the SAST Consulting team was commissioned to redesign and re-engineer all SAP authorizations for nearly 900 users in Germany. In this guest commentary from Sascha Heckmann, together with external SAP consultant Bernhard Radermacher, he tells how the “Ticket Monitor” a custom-developed add-on for the tried and tested SAST Safe Go-Live Management helped the project become a full success.
A municipal utility company recently implemented a new authorization concept to optimize maintenance, transparency, and user access. The implementation process included an assessment of whether all the existing user master records were really necessary. A major project like implementing a new authorization concept often pays for itself when inactive user master records are classified and restricted, reducing license fees as a result.
The upgrade from SAP ERP to SAP S/4HANA also involves a changeover to a new technology. This offers new possibilities thanks, to the increased speed of the SAP HANA in-memory database, as well as an improved user experience through the new FIORI UI. At the same time, however, the implementation of SAP S/4HANA also presents many enterprises with the difficult challenge of planning and executing their migration projects correctly: existing processes and role concepts have to be reconsidered.
The SAP S/4HANA software suite represents a cutting-edge cornerstone for the digitalization of enterprises and is increasingly being used by both SMEs and large corporations. However, the implementation of and migration to SAP S/4HANA also entail increasing complexity in system administration and management. Our specialized software tools enable you to master this project successfully.
When setting up an SAP S/4HANA system landscape, you have the option of establishing a front-end system as the central, superordinate system that accesses different back-end systems. To do this, you have to consider and logically design many factors in advance. In addition to the technical prerequisites, the role and authorization concepts have to be revised. But how can you adapt authorization management in an SAP S/4HANA system with little effort?
Companies that use SAP are required to describe controls and procedures in documents that reflect the current status of the system and the general compliance guidelines. The concepts for framework and application authorizations are essential elements of this documentation, for both internal requirements and annual reviews by external auditors. Good documentation templates can help get you where you need to go much more quickly.
With the economic restrictions and challenges these are creating, the COVID-19 pandemic continues to be the determining factor in both business and our personal lives. And as far as we currently know, this situation will continue for quite some time. What companies need now is adjusted SAP authorization management for times of crisis, to ensure that employees can take over important tasks from colleagues as quickly as possible and without constraints on day-to-day business.
The current situation is forcing companies around the world to find and implement alternative solutions to maintain operations of their SAP systems and business processes. The SAST team is your reliable partner, especially in times of crisis. This is because providing remote support for our SAP customers what we do every day. Our SAST Managed Service puts us in the best possible and reliable position to help you in times of crisis!
SAP HANA is based on an in-memory technology concept for data storage. This makes it possible to analyze large, non-aggregated datasets flexibly with extremely short processing times. Since data processing in SAP HANA differs significantly from that in SAP NetWeaver, it has its own user management and authorization system. But which default settings are needed for the SAP HANA authorizations?