In this series of articles we discuss the "tip" of the day. That is, real cases of requests received in counseling.
Today we discuss "is it worth using user parameters to manage permissions?" What are the advantages and disadvantages?
0 Comments Click here to read/write comments
Topics: parameter sap, SAP GRC, SAP IDM, sap gui
In the day-to-day these terms are often used as synonyms , but they're actually not
They can be confused and often it's not clear whether it's correct to talk about SAP profiles or roles. Let's try to underline the differences between these two terms, by starting from the past!
0 Comments Click here to read/write comments
Topics: sap security blog, authorization model, authorization concept, HANA Roles, Profiles
Which are the tables of the SAP GRC Access Control product useful to know (out of the existing 2500)?
0 Comments Click here to read/write comments
For some SE16 may be an unknown acronym. For others it is the "bread and butter." It is a SAP transaction remarkably familiar to administrators. And often not only them, unfortunately.
But what is it used for? How many versions of it are there? How do you use it and what are the risks involved?
We discuss it in this article!
0 Comments Click here to read/write comments
Topics: se16n, se16, SAP Security, supporto sap ams, sap query, SAP GDPR
Did you ever hear about it? What does it do?
How does it work and what are the attention points of this tool?
1 Comment Click here to read/write comments
Topics: sap earlywatch, secure operation map, sap sos
What does it mean? Do you have a uniform model to manage SAP Security or for each project you have to do it from scratch, wishing that it will be at least similar to the one already done, maybe from others in the past?
Let's discover in this article if the centralized management SAP Security is better or worse. Are there one or multiple orchestra directors?
0 Comments Click here to read/write comments
Topics: consulenza sap security, consulenti sap security, progetti security sap
It's always more common to see hybrid sceneries, meaning On-premise and on cloud systems. Or just on cloud.
In these systems too, obviously, it's necessary to activate these policies used in on-premise systems.
But what accesses should you supply? Especially to who still isn't part of this organization?
0 Comments Click here to read/write comments
Topics: sap btp, SAP Cloud Security
RFC means Remote Function Call and it's the SAP standard interface that make the systems communicate between eachother.
Failing to configure this aspect can expose the system to a series of security problems. There are multiple aspects to keep in mind. In this article we will talk about how to protect the system from RFC calls made from third party systems or from other SAP systems.
0 Comments Click here to read/write comments
Topics: UCON, rfc, rfc security
What does GxP mean? Why is it done in SAP?
What are the semplifications that can reduce the maintenance cost of these aspects?
0 Comments Click here to read/write comments
Topics: gxp, sap gxp compliance
The SAP GRC system has to be updated too, with new functionalities, solved issues and improvements.
Here's why you should think about updating this tool. Let's talk about SAP GRC Access Control.
0 Comments Click here to read/write comments
Topics: sap grc 12, sap access control