Cross-application business processes have unlocked best-of-breed solutions but are introducing new access risks. The proliferation of these business processes has also shifted how organizations must address Segregation of Duties (SoD). Today’s security models span a variety of applications. This makes it critical for enterprises to identify SoD conflicts across apps and enable continuous controls monitoring to detect actual violations as they occur.
SAP applications contain large amounts of sensitive data. From protected personal information to privileged financial data, this data always harbors risks that companies must deal with, because SAP ERP does not have any built-in masking functions for custom-tailored anonymization in views. As such, the unchecked disclosure of data represents a potential leak, opening up a huge target for potential exploitation. Although add-ons and solutions from SAP and third parties are available to tackle this problem, significant challenges still remain. This is where the concept of attribute-based data masking comes in.
Do you know what you have to do when your company faces security incidents? Do you have documents where you can look up what you need to do? If so, are they up to date? Security policies are neglected in many areas, although they are a cornerstone for maintaining IT compliance and improving enterprise security.
Hamburg, July 12, 2022: SAST SOLUTIONS, the Hamburg-based specialist for SAP security and access governance and part of the international Pathlock Group, together with IBS Schreiber, the SAP security and compliance specialist also based in Hamburg, will in future offer customers the integration of IBS Schreiber rule sets through the Easy Content Solution (ECS) software.
The fundamental question that many people ask before implementing SAP S/4HANA and deploying Fiori apps is “why?”. The option of using Fiori apps has been available for a while now, but the question as to why these new apps should be used usually doesn’t pop up until an SAP S/4HANA migration is planned.
Data collection and the subsequent analyses are important, complex processes; it’s difficult to imagine modern business processes without data analytics. To address customers’ specific needs, customer data is analyzed, material inventories are recorded automatically, and entire work processes are scrutinized to squeeze out efficiency gains. Important data collection also takes place within the SAP landscape, for example, with SAP S/4HANA embedded analytics. The check logic in the authorizations deserves special attention here.
In its S/4HANA release, SAP follows a strategy of process simplification and greater usability, among others. At the technical level, new layers such as the SAP Fiori Front-end Server, SAP Fiori launchpad, and SAP Fiori apps were created. The authorizations of these objects require particular attention to avoid nasty surprises as the project progresses. One specific pitfall is the changed file structure on the new application server.
SAP offers a consolidated data object, the business partner, to simplify the management of sensitive master data for customers, suppliers, and employees. This simplification also poses dangers, however. Therefore, all companies that plan to migrate to SAP S/4HANA should familiarize themselves with the business partner concept ahead of time.
Last year came to a very pleasant end, as we won the award for “Top Identity and Access Management Solution Provider in Europe 2021”. The December issue of Enterprise Security Magazine reported extensively on our IAM solution and about the innovative features that make our software so unique. We interviewed Mr. Kempf to find out more about the software solution and the current technology trends.
For SAP experts worldwide, data display tools like the Data Browser (SE16), Quick Viewer (SQVI), and Query Start (SQ00) are basic components of their everyday work. They have become accustomed to using selection screens, variants, and ALV functions in the output lists of the Data Browser. In this post, we’ll show you examples from the SAP authorization system that illustrate less well-known possibilities for finding what you need in large datasets through the skilled use of wildcard characters during selection.