Marta Ortona

Marta Ortona

Recent Posts

SAP Security awareness, Make yourself heard!

Posted by Marta Ortona on Oct 28, 2022 8:15:00 AM

Read here what SAP courses are available. Read here what SAP courses are available.

Data are the new oil? That's probably it! It becomes therefore fundamental to characterize where they reside and their criticality



Once all "standard" protection mechanisms are in place, namely infrastructure and application aspects, it is strategic to deal with the weakest link in the chain. The human side.

How to manage layer 8 of the ISO/OSI model


Read More

Topics: security awareness, social engineering

SAP Authorization Manual

Posted by Marta Ortona on Oct 21, 2022 8:15:00 AM


During daily support users often have to request some information. By email or by corporate ticketing tool.




What system are you on? What were you doing? What transactions were you using when you received the error and so on 


To facilitate these requests, in the SAP authorizations field, we can define a short user manual to publish, for example on the company intranet. 


Read More

Topics: SAP Security, aglea, sap consulenza security, su53

Data Protection in SAP

Posted by Marta Ortona on Oct 14, 2022 8:15:00 AM



Data protection in SAP also passes through the control of the transactions.


How does SAP control their execution? What should you pay attention to when defining custom transactions in SAP? 

Read More

Topics: transazioni sap, auditing, processi security

SAP authorizations, 10 things to avoid!

Posted by Marta Ortona on Oct 7, 2022 8:15:00 AM

There are many creative ways, in addition to the standard SAP, to manage authorizations. 


Let us begin by saying what is the only recommended way. Authorization control using the statement ABAP AUTHORITY-CHECK.


What are other ways to manage SAP authorization controls? More importantly, why shouldn’t you use them? 

Read More

Topics: sap custom, autorizzazioni sap, profili sap, sap tabelle custom

3 Tips to secure printers in SAP

Posted by Marta Ortona on Sep 30, 2022 8:15:00 AM


Do all the users of your system have the SP01 transaction? 


Do you really allow all SAP users to see what all users print? Could the prints contain personal data (GDPR), sensitive data? Maybe is better to check it out! 


Read More

Topics: SAP HR, gdpr, ruoli, pfcg, SPOOL

3 tips ready to use. Reduce SAP security management costs!

Posted by Marta Ortona on Sep 23, 2022 8:15:00 AM


There are cases in which the management of 10.000 SAP users is done by two or three people (maybe not full-time).


Other similar or smaller cases where a team of 15 full-time people fail to meet the demands.

How is it possible? Let’s try to analyze what could be the causes and also possible solutions.

Read More

Topics: SAP GRC, consulenti, sicurezza sap, sap consulenza security

SAP HANA Security, HANA o S/4HANA migration or installation?

Posted by Marta Ortona on Sep 16, 2022 8:15:00 AM


From 2025 (SAP has moved in early 2020 the sap ecc support term date to 2027 instead of 2025) SAP's support for the SAP ECC (ERP Central Component) product will end.

It is therefore important to prepare in time for migration to HANA and S/4HANA.


But what are HANA and S/4HANA and what impacts are there with SAP security?

Read More

Topics: HANA, S4/HANA, sap hana, HANA Security

Does SAP_ALL view only exist?

Posted by Marta Ortona on Sep 9, 2022 8:15:00 AM


In some situations it might be useful to have a role or profile that only allows the data display, 



It is available in SAP something that could answer this request? Is there a SAP_ALL profile for each SAP application component?

Read More

Topics: sap_all, auditing, sap_all_only_view

Do you need SAP GRC to manage a Super User in SAP?

Posted by Marta Ortona on Sep 2, 2022 8:15:00 AM


Sometimes it is necessary to intervene in the Production System to correct an extremely urgent problem. That is to perform an action which is not normally done.



What are we supposed to do in these situations? Do we really need specific tools or we can carry out what is required in a safe and secure way?   

Read More

Topics: sicurezza sap, sap consulenza security, sap super user, emergency users, super utenti sap

Risk and violation in SoD management, are they synonymous?

Posted by Marta Ortona on Aug 26, 2022 8:15:00 AM


Read More

Topics: governance, Segregation of duties, SAP GRC, sod

Yes Subscribe!

Blog Aglea, what you could find out?

Every Friday a new post, interview or content related to SAP Security.

  • Tips on how to design SAP Security
  • How to
  • Checklist
  • Common error and pitfall on security SAP
  • Interview with experts
  • Who we are and Aglea vision on SAP Security

Recent Posts

Post By Topic

See all