Wherever electricity is flowing through a cable or data is being transmitted over a fiber optics cable, HellermannTyton products are never far away. Over the last 85 years, the company has developed into a leading global provider of cable management solutions and is on track to continue this growth both nationally and internationally. This expansion is also reflected in its SAP systems and authorizations, which have grown alongside its success. Today, systems with this level of complexity are expected – internally and externally – to comply with strict requirements.
Takeda, Japan’s largest pharmaceuticals company, manages its business processes in a global, heterogeneous IT landscape. From SAP ERP to SAP Cloud applications, employees work at a variety of levels, depending on their involvement in processes, and therefore need access to a number of systems. As a result, the company has to constantly review conflicting authorizations to meet strict compliance requirements, such as segregation of duties (SoD). Most standard software solutions on the market only monitor SoD conflicts and risks in a single system, however, which led the company to search for an end-to-end solution.
One of our long-standing customers, the largest forklift manufacturer in Europe, uses the SAST SUITE for its SAP authorization management alongside a variety of IT services from akquinet AG. As part of a compliance project, the SAST Consulting team was commissioned to redesign and re-engineer all SAP authorizations for nearly 900 users in Germany. In this guest commentary from Sascha Heckmann, together with external SAP consultant Bernhard Radermacher, he tells how the “Ticket Monitor” a custom-developed add-on for the tried and tested SAST Safe Go-Live Management helped the project become a full success.
Berliner Wasserbetriebe, Berlin’s water supply and wastewater disposal company, is a public institution and is therefore subject to special legal requirements. High security standards apply to both business processes and its IT operations. As a consequence, setting up transparent SAP authorization management company-wide to meet all of these requirements was one of the water company’s most critical tasks.
Managing a large number of user accounts often presents companies with a major challenge. It’s particularly difficult when user identities need to be maintained in several systems, directory services, or databases. This frequently results in a lack of transparency, conflicts in the segregation of duties (SoD), and an increase in the effort required to address them.
They say that major events cast a shadow that portends their arrival. In SAP environments, this applies in particular to the transition to S/4HANA, which companies will need to make before maintenance for SAP ERP expires in 2025.
As we covered this pending migration from various perspectives at our SAST DAYS 2019 event, interest in the topics of authorizations and code security was especially high. Let’s take a look back at those exciting days, which presented a balanced mix of current challenges and assorted solutions.
Takeda’s twin objectives were to accelerate and simplify its authorization assignment process while deploying a tool that was simultaneously capable of providing vulnerability monitoring for its SAP backend worldwide. Continue reading
New features for the SAST SUITE: the SAST Enhanced SoD and Control Reporting.
Every company that needs to redesign its authorizations after an audit knows the challenges: perplexed in the screening and analysis of all identified risks. Our new features for the SAST SUITE enable you to periodically report your risks and mitigations – fast and intuitively.