Companies that use SAP are required to describe controls and procedures in documents that reflect the current status of the system and the general compliance guidelines. The concepts for framework and application authorizations are essential elements of this documentation, for both internal requirements and annual reviews by external auditors. Good documentation templates can help get you where you need to go much more quickly.
Identity Management
How to optimize your SAP Authorization Management in times of crisis
With the economic restrictions and challenges these are creating, the COVID-19 pandemic continues to be the determining factor in both business and our personal lives. And as far as we currently know, this situation will continue for quite some time. What companies need now is adjusted SAP authorization management for times of crisis, to ensure that employees can take over important tasks from colleagues as quickly as possible and without constraints on day-to-day business.
How to define the right defaults for a framework authorization structure of your SAP HANA database
SAP HANA is based on an in-memory technology concept for data storage. This makes it possible to analyze large, non-aggregated datasets flexibly with extremely short processing times. Since data processing in SAP HANA differs significantly from that in SAP NetWeaver, it has its own user management and authorization system. But which default settings are needed for the SAP HANA authorizations?
Managed Service: The Booster for your SAP Security & Compliance
Checking for vulnerabilities, flawed configurations, and critical authorizations on a regular basis is the only reliable way to ensure SAP system security. Dedicated efforts to safeguard SAP environments, however, are both technically complex and contingent upon having a great deal of time and personnel. That’s why a managed service presents an attractive alternative.
Gunar Funke, head of SAP Manages Services SAST SOLUTIONS at AKQUINET, recently sat down with us to talk about why a managed service solution makes particular sense in the context of SAP security and what’s involved with regard to SAST SUITE.
SoD-Free User Management via Web Services
Managing a large number of user accounts often presents companies with a major challenge. It’s particularly difficult when user identities need to be maintained in several systems, directory services, or databases. This frequently results in a lack of transparency, conflicts in the segregation of duties (SoD), and an increase in the effort required to address them.
Authorizations for batch processing in NetWeaver and S/4HANA environments
Despite the increasing use of web interfaces in the context of S/4HANA, batch processing is still required for mass data. However, our experience in customer projects has shown that very few administrators know how manage authorizations properly in such scenarios. SAP OSS Note 101146 offers a good overview in this regard. In this blog post, we want to provide a condensed explanation of how the practical aspects interrelate.
Cut down on critical SAP authorizations without interrupting operations
Companies that operate SAP systems are subject to an annual audit by an auditor. Often, SAP authorizations are also examined. The audits check for separation of duties (SoD) and critical authorizations, in particular where SAP Basis Administration is concerned. Read this blog to learn how you can quickly reduce critical SAP authorizations (auditor findings).
Achieving effective IT risk management with dynamic mitigation groups
Holistic, effective risk management in IT will help you make sounder decisions faster and present tremendous potential for value creation throughout your company. In practice, however, we continue to witness a lack of measures appropriate for identifying dangers early on. IT risk management is too often understood as a reactive process.
Step-by-step: Bring your SAP compliance to a brilliant finish
The IT compliance field poses a major challenge for SAP customers, and in particular, with regard to the compliance of SAP users. It is no coincidence that roles and authorization issues are what many SAP customers find most frustrating.
Self-Adjusting Authorizations: SAST SOLUTIONS’s new tool intelligently slims down SAP roles
Companies find themselves challenged again and again by the immense effort required to keep employee SAP authorizations up to date during day to day business. Our new SAST SUITE module, Self-Adjusting Authorizations, takes an intelligent approach to solving the most frequent problems: It removes unused transactions automatically, increasing both compliance security and protection against data misuse, in turn reducing administrative effort.