SAP RFC Security

Posted by Andrea Mazzolani on Dec 2, 2022 8:15:00 AM

RFC means Remote Function Call and it's the SAP standard interface that make the systems communicate between eachother.

 

Failing to configure this aspect can expose the system to a series of security problems. There are multiple aspects to keep in mind. In this article we will talk about how to protect the system from RFC calls made from third party systems or from other SAP systems.

Read More

Topics: rfc, rfc security, UCON

SAP GxP Compliance

Posted by Andrea Mazzolani on Nov 25, 2022 8:15:00 AM

What does GxP mean? Why is it done in SAP?

What are the semplifications that can reduce the maintenance cost of these aspects?

Read More

Topics: gxp, sap gxp compliance

SAP GRC 12, upgrade

Posted by Andrea Mazzolani on Nov 18, 2022 8:15:00 AM

The SAP GRC system has to be updated too, with new functionalities, solved issues and improvements.

 

 

Here's why you should think about updating this tool. Let's talk about SAP GRC Access Control.

Read More

Topics: sap access control, sap grc 12

SAP Data Loss Prevention, what to do?

Posted by Andrea Mazzolani on Nov 11, 2022 8:15:00 AM

What does Data Loss Prevention mean?

 

It means to "put in place" all the possible actions to prevent non-authorized data leaks.

 

Data leak and data loss have multiple meanings. But what can you do in SAP?

Fuga di dati e perdita di dati hanno significati molteplici. Ma come è possibile fare in SAP?

Read More

Topics: sap hana, rfc security, SAP audit, soar, sap siem, sap etd, SAP DLP, data loss prevention

SAP Security, which courses should you follow?

Posted by Andrea Mazzolani on Nov 4, 2022 8:15:00 AM

 

There are different formative paths and trainings for the SAP Security area. Below there are the main courses in the SAP Security and Governance area provided by SAP.

Read More

Topics: SAP Security, idm, access management, SAP GRC, SAP HR, e-learning, corso, gdpr, pfcg, HANA, S4/HANA, training

SAP Security awareness, Make yourself heard!

Posted by Marta Ortona on Oct 28, 2022 8:15:00 AM

Read here what SAP courses are available. Read here what SAP courses are available.

Data are the new oil? That's probably it! It becomes therefore fundamental to characterize where they reside and their criticality

 

 

Once all "standard" protection mechanisms are in place, namely infrastructure and application aspects, it is strategic to deal with the weakest link in the chain. The human side.

How to manage layer 8 of the ISO/OSI model

 

Read More

Topics: security awareness, social engineering

SAP Authorization Manual

Posted by Marta Ortona on Oct 21, 2022 8:15:00 AM

 

During daily support users often have to request some information. By email or by corporate ticketing tool.

 

 

 

What system are you on? What were you doing? What transactions were you using when you received the error and so on 

 

To facilitate these requests, in the SAP authorizations field, we can define a short user manual to publish, for example on the company intranet. 

 

Read More

Topics: SAP Security, aglea, sap consulenza security, su53

Data Protection in SAP

Posted by Marta Ortona on Oct 14, 2022 8:15:00 AM

 

 

Data protection in SAP also passes through the control of the transactions.

 

How does SAP control their execution? What should you pay attention to when defining custom transactions in SAP? 

Read More

Topics: transazioni sap, auditing, processi security

SAP authorizations, 10 things to avoid!

Posted by Marta Ortona on Oct 7, 2022 8:15:00 AM

There are many creative ways, in addition to the standard SAP, to manage authorizations. 

 

Let us begin by saying what is the only recommended way. Authorization control using the statement ABAP AUTHORITY-CHECK.

 

What are other ways to manage SAP authorization controls? More importantly, why shouldn’t you use them? 

Read More

Topics: sap custom, autorizzazioni sap, profili sap, sap tabelle custom

3 Tips to secure printers in SAP

Posted by Marta Ortona on Sep 30, 2022 8:15:00 AM

 

Do all the users of your system have the SP01 transaction? 

 

Do you really allow all SAP users to see what all users print? Could the prints contain personal data (GDPR), sensitive data? Maybe is better to check it out! 

 

Read More

Topics: SAP HR, gdpr, ruoli, pfcg, SPOOL

Content not found

Yes Subscribe!

Blog Aglea, what you could find out?

Every Friday a new post, interview or content related to SAP Security.

  • Tips on how to design SAP Security
  • How to
  • Checklist
  • Common error and pitfall on security SAP
  • Interview with experts
  • Who we are and Aglea vision on SAP Security

Recent Posts

Post By Topic

See all