Important aspect of SAP data collection: S/4HANA embedded analytics uses the BI analysis “Authorizations”

SAST Blog: Important aspect of SAP data collection: S/4HANA embedded analytics uses the BI analysis “Authorizations”Data collection and the subsequent analyses are important, complex processes; it’s difficult to imagine modern business processes without data analytics. To address customers’ specific needs, customer data is analyzed, material inventories are recorded automatically, and entire work processes are scrutinized to squeeze out efficiency gains. Important data collection also takes place within the SAP landscape, for example, with SAP S/4HANA embedded analytics. The check logic in the authorizations deserves special attention here.

Continue reading

Typical pitfalls of SAP S/4HANA migration: Changes in the file structure of the SAP S/4HANA application server cause negative side-effects

SAST Blog: Typical pitfalls of SAP S/4HANA migration: Changes in the file structure of the SAP S/4HANA application server cause negative side-effectsIn its S/4HANA release, SAP follows a strategy of process simplification and greater usability, among others. At the technical level, new layers such as the SAP Fiori Front-end Server, SAP Fiori launchpad, and SAP Fiori apps were created. The authorizations of these objects require particular attention to avoid nasty surprises as the project progresses. One specific pitfall is the changed file structure on the new application server.

Continue reading

Business partners and the sneaky back door of the F4 search help: How to protect your sensitive data

SAST Blog: Business partners and the sneaky back door of the F4 search help: How to protect your sensitive dataSAP offers a consolidated data object, the business partner, to simplify the management of sensitive master data for customers, suppliers, and employees. This simplification also poses dangers, however. Therefore, all companies that plan to migrate to SAP S/4HANA should familiarize themselves with the business partner concept ahead of time.

Continue reading

Interview with Ralf Kempf about winning the “Top Identity and Access Management Solution Provider in Europe 2021” award

SAST Blog: Award win: Top IAM Solution Provider in Europe 2021.Last year came to a very pleasant end, as we won the award for “Top Identity and Access Management Solution Provider in Europe 2021”. The December issue of Enterprise Security Magazine reported extensively on our IAM solution and about the innovative features that make our software so unique. We interviewed Mr. Kempf to find out more about the software solution and the current technology trends.

Continue reading

How the skilled use of SAP wildcard characters can shed light on the analysis of the SAP authorization system

How the skilled use of SAP wildcard characters can shed light on the analysis of the SAP authorization systemFor SAP experts worldwide, data display tools like the Data Browser (SE16), Quick Viewer (SQVI), and Query Start (SQ00) are basic components of their everyday work. They have become accustomed to using selection screens, variants, and ALV functions in the output lists of the Data Browser. In this post, we’ll show you examples from the SAP authorization system that illustrate less well-known possibilities for finding what you need in large datasets through the skilled use of wildcard characters during selection.

Continue reading

Think about updating your authorization roles in your SAP S/4HANA project!

SAP S/4HANA authorizations: brownfield or greenfieldMany companies are currently faced with the task of converting their SAP systems to SAP S/4HANA, because their ERP maintenance will be discontinued in the foreseeable future. Project planning usually only takes technical and organizational aspects into account, however; crucial security topics aren’t given enough priority. As a result, the implementation of the authorization concept and adaptation of the authorization roles often end up at the end of the line.

Continue reading

Role conversion is anything but child’s play – but you can still execute your SAP S/4HANA authorization projects quickly and securely

Roozbeh Noori-Amoli (SAST SOLUTIONS)A survey was conducted during an ITOK expert talk on the greatest challenges for SAP security in March. It revealed that over half the participants see such challenges in the area of roles and authorizations. The integration of the authorization concept represents one of the core activities during SAP S/4HANA implementation and is a frequent reason for the failure of such projects as a whole. But how can you handle conflicts like resource bottlenecks, shifting priorities for subprojects, changes to tasks, and testing?

Continue reading