Data collection and the subsequent analyses are important, complex processes; it’s difficult to imagine modern business processes without data analytics. To address customers’ specific needs, customer data is analyzed, material inventories are recorded automatically, and entire work processes are scrutinized to squeeze out efficiency gains. Important data collection also takes place within the SAP landscape, for example, with SAP S/4HANA embedded analytics. The check logic in the authorizations deserves special attention here.
SAP Authorizations
Typical pitfalls of SAP S/4HANA migration: Changes in the file structure of the SAP S/4HANA application server cause negative side-effects
In its S/4HANA release, SAP follows a strategy of process simplification and greater usability, among others. At the technical level, new layers such as the SAP Fiori Front-end Server, SAP Fiori launchpad, and SAP Fiori apps were created. The authorizations of these objects require particular attention to avoid nasty surprises as the project progresses. One specific pitfall is the changed file structure on the new application server.
Business partners and the sneaky back door of the F4 search help: How to protect your sensitive data
SAP offers a consolidated data object, the business partner, to simplify the management of sensitive master data for customers, suppliers, and employees. This simplification also poses dangers, however. Therefore, all companies that plan to migrate to SAP S/4HANA should familiarize themselves with the business partner concept ahead of time.
Interview with Ralf Kempf about winning the “Top Identity and Access Management Solution Provider in Europe 2021” award
Last year came to a very pleasant end, as we won the award for “Top Identity and Access Management Solution Provider in Europe 2021”. The December issue of Enterprise Security Magazine reported extensively on our IAM solution and about the innovative features that make our software so unique. We interviewed Mr. Kempf to find out more about the software solution and the current technology trends.
How the skilled use of SAP wildcard characters can shed light on the analysis of the SAP authorization system
For SAP experts worldwide, data display tools like the Data Browser (SE16), Quick Viewer (SQVI), and Query Start (SQ00) are basic components of their everyday work. They have become accustomed to using selection screens, variants, and ALV functions in the output lists of the Data Browser. In this post, we’ll show you examples from the SAP authorization system that illustrate less well-known possibilities for finding what you need in large datasets through the skilled use of wildcard characters during selection.
SAST SOLUTIONS receives the award “Top Identity and Access Management Solution Provider in Europe 2021”
The december issue of Enterprise Security Magazine focuses on IAM solution providers in Europe. It aims to identify the emerging players in the IAM space and showcase their expertise in solving impediments and overcoming market complexities. We are delighted to have won with the topic “Real-Time Identity and Access Management for SAP Systems” the award for “Top IAM Solution Provider in Europe 2021” in this context!
SAP Cyber Security: Five questions and answers about effectively monitoring SAP systems
Do companies need a comprehensive security strategy for their SAP systems? The objective should be the integration into the bigger picture. Due to the lack of structures for overall security, however, security measures on a smaller scale are frequently omitted. It is therefore necessary to optimize internal control systems and – particularly for securing SAP systems – and to establish comprehensive monitoring. Learn more open the interplay of point in time and time frame of the security monitoring.
Think about updating your authorization roles in your SAP S/4HANA project!
Many companies are currently faced with the task of converting their SAP systems to SAP S/4HANA, because their ERP maintenance will be discontinued in the foreseeable future. Project planning usually only takes technical and organizational aspects into account, however; crucial security topics aren’t given enough priority. As a result, the implementation of the authorization concept and adaptation of the authorization roles often end up at the end of the line.
Rectify your top findings before the external auditors arrive!
Once a year, as every SAP administrator and security manager knows, the annual external audit is a given. Despite this, the current risk situation of the SAP systems is often uncertain. Have all the vulnerabilities from the last audit really been taken care of? Have new risks arisen in the meantime? If you don’t take active countermeasures, you might end up in the same situation again and again.
Protecting SAP standard users: How to efficiently protect and lock critical user master records.
Hardening measures for the handling of SAP standard users are an integral part of the SAP security and audit guides. Doesn’t everyone already know that? Only at first glance. Consulting practice has shown that the implementation of these protective measures is a regular, major challenge for businesses of all types and sizes.