Cross-application business processes have unlocked best-of-breed solutions but are introducing new access risks. The proliferation of these business processes has also shifted how organizations must address Segregation of Duties (SoD). Today’s security models span a variety of applications. This makes it critical for enterprises to identify SoD conflicts across apps and enable continuous controls monitoring to detect actual violations as they occur.
Identity Management
How IT security policies help you satisfy your security requirements
Do you know what you have to do when your company faces security incidents? Do you have documents where you can look up what you need to do? If so, are they up to date? Security policies are neglected in many areas, although they are a cornerstone for maintaining IT compliance and improving enterprise security.
Business partners and the sneaky back door of the F4 search help: How to protect your sensitive data
SAP offers a consolidated data object, the business partner, to simplify the management of sensitive master data for customers, suppliers, and employees. This simplification also poses dangers, however. Therefore, all companies that plan to migrate to SAP S/4HANA should familiarize themselves with the business partner concept ahead of time.
Interview with Ralf Kempf about winning the “Top Identity and Access Management Solution Provider in Europe 2021” award
Last year came to a very pleasant end, as we won the award for “Top Identity and Access Management Solution Provider in Europe 2021”. The December issue of Enterprise Security Magazine reported extensively on our IAM solution and about the innovative features that make our software so unique. We interviewed Mr. Kempf to find out more about the software solution and the current technology trends.
How the skilled use of SAP wildcard characters can shed light on the analysis of the SAP authorization system
For SAP experts worldwide, data display tools like the Data Browser (SE16), Quick Viewer (SQVI), and Query Start (SQ00) are basic components of their everyday work. They have become accustomed to using selection screens, variants, and ALV functions in the output lists of the Data Browser. In this post, we’ll show you examples from the SAP authorization system that illustrate less well-known possibilities for finding what you need in large datasets through the skilled use of wildcard characters during selection.
SAST SOLUTIONS receives the award “Top Identity and Access Management Solution Provider in Europe 2021”
The december issue of Enterprise Security Magazine focuses on IAM solution providers in Europe. It aims to identify the emerging players in the IAM space and showcase their expertise in solving impediments and overcoming market complexities. We are delighted to have won with the topic “Real-Time Identity and Access Management for SAP Systems” the award for “Top IAM Solution Provider in Europe 2021” in this context!
Think about updating your authorization roles in your SAP S/4HANA project!
Many companies are currently faced with the task of converting their SAP systems to SAP S/4HANA, because their ERP maintenance will be discontinued in the foreseeable future. Project planning usually only takes technical and organizational aspects into account, however; crucial security topics aren’t given enough priority. As a result, the implementation of the authorization concept and adaptation of the authorization roles often end up at the end of the line.
Protecting SAP standard users: How to efficiently protect and lock critical user master records.
Hardening measures for the handling of SAP standard users are an integral part of the SAP security and audit guides. Doesn’t everyone already know that? Only at first glance. Consulting practice has shown that the implementation of these protective measures is a regular, major challenge for businesses of all types and sizes.
Role conversion is anything but child’s play – but you can still execute your SAP S/4HANA authorization projects quickly and securely
A survey was conducted during an ITOK expert talk on the greatest challenges for SAP security in March. It revealed that over half the participants see such challenges in the area of roles and authorizations. The integration of the authorization concept represents one of the core activities during SAP S/4HANA implementation and is a frequent reason for the failure of such projects as a whole. But how can you handle conflicts like resource bottlenecks, shifting priorities for subprojects, changes to tasks, and testing?
Trusted system relationships simplify the logon procedure for RFC communication – but how sensible and secure is their use?
The RFC (Remote Function Call) is the main SAP technology for exchanging data between SAP systems. In addition to standard RFC connections, it is also possible to configure trusted relationships. In our technology tip, find out when you should use trusted system relationships and how you can use them securely.