Speed up development of framework and application authorization concepts for SAP ERP and S/4HANA

SAST Blog: Speed Up Development of Framework and Application Authorization Concepts for SAP ERP and S/4HANACompanies that use SAP are required to describe controls and procedures in documents that reflect the current status of the system and the general compliance guidelines. The concepts for framework and application authorizations are essential elements of this documentation, for both internal requirements and annual reviews by external auditors. Good documentation templates can help get you where you need to go much more quickly.

Continue reading

How to optimize your SAP Authorization Management in times of crisis

SAST Blog: How to Optimize your SAP Authorization Management in Times of CrisisWith the economic restrictions and challenges these are creating, the COVID-19 pandemic continues to be the determining factor in both business and our personal lives. And as far as we currently know, this situation will continue for quite some time. What companies need now is adjusted SAP authorization management for times of crisis, to ensure that employees can take over important tasks from colleagues as quickly as possible and without constraints on day-to-day business.

Continue reading

How to define the right defaults for a framework authorization structure of your SAP HANA database

SAST BLOG: Framework authorization structure for the SAP HANA database – defining the right defaults SAP HANA is based on an in-memory technology concept for data storage. This makes it possible to analyze large, non-aggregated datasets flexibly with extremely short processing times. Since data processing in SAP HANA differs significantly from that in SAP NetWeaver, it has its own user management and authorization system. But which default settings are needed for the SAP HANA authorizations?

Continue reading

Managed Service: The Booster for your SAP Security & Compliance

SAST MANAGED SERVICESChecking for vulnerabilities, flawed configurations, and critical authorizations on a regular basis is the only reliable way to ensure SAP system security. Dedicated efforts to safeguard SAP environments, however, are both technically complex and contingent upon having a great deal of time and personnel. That’s why a managed service presents an attractive alternative.

Gunar Funke, head of SAP Manages Services SAST SOLUTIONS at AKQUINET, recently sat down with us to talk about why a managed service solution makes particular sense in the context of SAP security and what’s involved with regard to SAST SUITE.

Continue reading

Authorizations for batch processing in NetWeaver and S/4HANA environments

SAST_SAP_User-Access-ManagementDespite the increasing use of web interfaces in the context of S/4HANA, batch processing is still required for mass data. However, our experience in customer projects has shown that very few administrators know how manage authorizations properly in such scenarios. SAP OSS Note 101146 offers a good overview in this regard. In this blog post, we want to provide a condensed explanation of how the practical aspects interrelate.

Continue reading

Cut down on critical SAP authorizations without interrupting operations

SAP Authorizations, SAP Security & ComplianceCompanies that operate SAP systems are subject to an annual audit by an auditor. Often, SAP authorizations are also examined. The audits check for separation of duties (SoD) and critical authorizations, in particular where SAP Basis Administration is concerned. Read this blog to learn how you can quickly reduce critical SAP authorizations (auditor findings).

Continue reading

Self-Adjusting Authorizations: SAST SOLUTIONS’s new tool intelligently slims down SAP roles

SAST-SUITE_Self-Adjusting AuthorizationsCompanies find themselves challenged again and again by the immense effort required to keep employee SAP authorizations up to date during day to day business. Our new SAST SUITE module, Self-Adjusting Authorizations, takes an intelligent approach to solving the most frequent problems: It removes unused transactions automatically, increasing both compliance security and protection against data misuse, in turn reducing administrative effort.

Continue reading