Currently, there is no one-size-fits-all solution to address all the issues required by the GDPR.
SAP proposes different systems, see what they are and what they are used for. SAP offers different systems: what are those and what are they for?
0 Comments Click here to read/write comments
Topics: SAP GDPR, sap ilm gdpr, sap tdms, sap data masking, data privacy
Having within the company’s awareness also on the part of SAP developments is certainly important. Especially in order not to be dependent on third parties even for simple problems.
We don’t talk about ABAP developers directly. But what are or could be the impacts in having an internal group of developers for the security aspects.
Is it better, regarding the SAP security, to have an internal or external development team?
0 Comments Click here to read/write comments
Topics: programmazione sicura, codice sicuro SAP, CVA
Is it possible to customize passwords for categories of users? Where and how are passwords managed in SAP?
How can these aspects be checked during an audit?
0 Comments Click here to read/write comments
Topics: sap password, secpol, password policy
Those areas that are often poorly guarded, when you send emails, may contain sensitive or personal data in the body of the email or in the attachments.
In SAP there is a feature to see all outgoing mails from SAP, also in content terms. Let us see what it is and why it is often underestimated in terms of security.
0 Comments Click here to read/write comments
Topics: sap password, mail security sap, sost
Do we need days of work every time we have to deal with this issue?
To understand which licenses and how to read the reports extracted from SAP?
Some tips in this article to make the licensing process easier in SAP.
0 Comments Click here to read/write comments
Topics: usmm, sap license auditing, slaw, audit sap
What are the main questions before starting a revising project of the authorizations in SAP?
What are the main focus point in a SAP Security Review? How to deal with it and how to be prepared?
0 Comments Click here to read/write comments
Topics: SAP Security, S4/HANA, documentazione sap security
This one's a bad habit. Most common causes are:
- Project necessities not better detailed
- Scarse sensibility towards data security
- Scarse knowledge of potential problems of this action
Why should you remove these users, even non-interactive ones, ASAP? Let's see some examples!
0 Comments Click here to read/write comments
Topics: sap_all, auditing, rfc, rfc security, rfc destination, system users
Why is it a strategic move to have a document that describes how the SAP security was addressed in the company?
When is it needed? What is it needed for? Why do it? How do you maintain it?
0 Comments Click here to read/write comments
Employees management inside the HR systems (Human Resources). Here it's also essential to manage access in a way that protects sensible data.
Which are the instruments inside SAP HR systems used for logs management? Let's see the main ones here.
0 Comments Click here to read/write comments
Topics: security audit log, UI logging, audit sap, SAP LOG
Segregation of Duties project: how many risks need to be defined?
0 Comments Click here to read/write comments
Topics: SAP Security, Segregation of duties, audit, custom transactions