When introducing S/4HANA, a Front End Server (FES) must be introduced in case of using APPs instead of classic transactions.
Can FES be in the cloud even if we have ERP on premise? What are the points of attention when defining an authorization model in this context?
Are you using or need to implement the SAP FIORI system?
The SAP FIORI interface is also used for S/4HANA. Read here to verify or have verified what the security configurations are!
With the introduction of S/4HANA, the Fiori interface becomes a de facto standard.
Although it is still possible to still use the GUI interface at the moment, it may be useful to know what the main elements are in the area of roles and authorizations in SAP Fiori.
What is the SAP Fiori library and when can it be useful? How do you access it? What are the important parts?
Is it really indispensable? Read this article if you want to learn more.
What does the onboarding process mean and why can it also be important in SAP security process management?
How much can being " trained" from the start on these issues help over the time you spend in the company?
How much do you know about your risk matrix?
Regardless of the tool you use to perform the access risk analysis, it might be useful to further investigate.
With the transition to SAP Fiori, transaction SU53 has been replaced with App Support, a new tool helps to analyze and solve configuration problems and authorization errors in the SAP Fiori Launchpad.
Topics: SAP FIORI Security, su53, sap FIORI
But what does it mean? Why might this be something to consider in the future?
But what is SAP doing about Deceptive Application and RASP? What do these acronyms mean?
When you start to learn about a certain SAP product, you often find a lot of documentation.
You don't always find what you're looking for. But still there is so much information. How to orient yourself in the case of SAP GRC?
Have you ever thought about how much data SAP systems exchange with third-party systems or between SAP systems on their own?
How many interfaces are there? How many systems are connected? And especially what and how much data are exchanged? Who can have access to this data? In most cases this is business data so not purely technical.