Many companies are currently faced with the task of converting their SAP systems to SAP S/4HANA, because their ERP maintenance will be discontinued in the foreseeable future. Project planning usually only takes technical and organizational aspects into account, however; crucial security topics aren’t given enough priority. As a result, the implementation of the authorization concept and adaptation of the authorization roles often end up at the end of the line.
SAP Authorizations & GRC
Protecting SAP standard users: How to efficiently protect and lock critical user master records.
Hardening measures for the handling of SAP standard users are an integral part of the SAP security and audit guides. Doesn’t everyone already know that? Only at first glance. Consulting practice has shown that the implementation of these protective measures is a regular, major challenge for businesses of all types and sizes.
User-friendly processes with the free SAP Screen Personas tool
User experience and modern user interfaces are becoming increasingly widespread. Even SAP now offers solutions like SAP Fiori, which is based on contemporary operating systems. Another helpful, reliable tool for generating custom user interfaces is SAP Screen Personas. This software product is simple to use and can be customized to users’ specific needs.
Role conversion is anything but child’s play – but you can still execute your SAP S/4HANA authorization projects quickly and securely
A survey was conducted during an ITOK expert talk on the greatest challenges for SAP security in March. It revealed that over half the participants see such challenges in the area of roles and authorizations. The integration of the authorization concept represents one of the core activities during SAP S/4HANA implementation and is a frequent reason for the failure of such projects as a whole. But how can you handle conflicts like resource bottlenecks, shifting priorities for subprojects, changes to tasks, and testing?
Spaces and pages – A new approach to visualizing apps in SAP Fiori launchpad
The SAP Fiori user interface is gaining in importance in current SAP S/4HANA projects. SAP applications become experiences, usability is enhanced, and the use of apps enables device-independent access – anytime and anywhere. Spaces and pages, the new way of visualizing apps in SAP Fiori Launchpad, deliver several key benefits. But how can you activate spaces and pages and what effects does this new approach have on authorization roles?
Create and modify app catalogs easily – with SAP Fiori Launchpad Content Manager
More and more companies are electing to use Fiori apps to call specific transactions in addition to the SAP GUI. This requires configuration of specific authorizations, however, which are composed of catalogs and groups. But how can you reduce the multitude of standard SAP Fiori catalogs and groups that are provided and adapt them to your own scenarios?
Practical tip: How you can avoid special roles and create new organizational levels in your SAP system based on an authorization field
In the standard SAP system, there are many authorization fields that are not declared as organizational levels, but instead characterized by special values. But the more authorization fields without organizational levels that contain organization-specific values like location or country, the larger the proportion of special roles grows.
However, to achieve the greatest possible transparency in role administration and avoid unnecessary authorizations – not least with system security in mind – the creation of additional special roles should be avoided wherever possible.
SAP compliance: the benefits of an automated audit rules at HellermannTyton
Wherever electricity is flowing through a cable or data is being transmitted over a fiber optics cable, HellermannTyton products are never far away. Over the last 85 years, the company has developed into a leading global provider of cable management solutions and is on track to continue this growth both nationally and internationally. This expansion is also reflected in its SAP systems and authorizations, which have grown alongside its success. Today, systems with this level of complexity are expected – internally and externally – to comply with strict requirements.
Improve security by redesigning your SAP authorizations – the right role template can save you time and money
The authorization structures at many companies have grown organically. Over the course of time, users have often been granted wider authorization privileges than they actually need for their everyday work. As a result, data availability and integrity, as well as system availability, can be critically endangered. Authorization managers see an increasing need for action to minimize the risk of SAP security incidents. After all, many more IT incidents still remain unreported compared to published cases.
Role adjustments for technical SAP users – how to handle authorizations safely and effectively
Technical SAP users that have extensive authorizations like SAP_ALL pose a heightened security risk. Vulnerabilities can endanger interfaces and paralyze processes. As such, external auditors are intensifying their focus on authorization management. One of our customers – a company in the energy sector – recently faced the challenge of having to restrict the authorizations of its technical users (batch processing/RFC interfaces).