What does Data Loss Prevention mean?
It means to "put in place" all the possible actions to prevent non-authorized data leaks.
Data leak and data loss have multiple meanings. But what can you do in SAP?
Fuga di dati e perdita di dati hanno significati molteplici. Ma come è possibile fare in SAP?
Topics: SAP audit, soar, sap etd, sap siem, sap hana, data loss prevention, SAP DLP, rfc security
There are different formative paths and trainings for the SAP Security area. Below there are the main courses in the SAP Security and Governance area provided by SAP.
Topics: corso, pfcg, gdpr, e-learning, SAP GRC, idm, access management, SAP Security, SAP HR, HANA, training
Read here what SAP courses are available. Read here what SAP courses are available.
Data are the new oil? That's probably it! It becomes therefore fundamental to characterize where they reside and their criticality
Once all "standard" protection mechanisms are in place, namely infrastructure and application aspects, it is strategic to deal with the weakest link in the chain. The human side.
How to manage layer 8 of the ISO/OSI model?
Topics: security awareness, social engineering
During daily support users often have to request some information. By email or by corporate ticketing tool.
What system are you on? What were you doing? What transactions were you using when you received the error and so on
To facilitate these requests, in the SAP authorizations field, we can define a short user manual to publish, for example on the company intranet.
Topics: su53, sap consulenza security, SAP Security, aglea
Data protection in SAP also passes through the control of the transactions.
How does SAP control their execution? What should you pay attention to when defining custom transactions in SAP?
Topics: auditing, processi security, transazioni sap
There are many creative ways, in addition to the standard SAP, to manage authorizations.
Let us begin by saying what is the only recommended way. Authorization control using the statement ABAP AUTHORITY-CHECK.
What are other ways to manage SAP authorization controls? More importantly, why shouldn’t you use them?
Topics: profili sap, autorizzazioni sap, sap custom, sap tabelle custom
Do all the users of your system have the SP01 transaction?
Do you really allow all SAP users to see what all users print? Could the prints contain personal data (GDPR), sensitive data? Maybe is better to check it out!
There are cases in which the management of 10.000 SAP users is done by two or three people (maybe not full-time).
Other similar or smaller cases where a team of 15 full-time people fail to meet the demands.
How is it possible? Let’s try to analyze what could be the causes and also possible solutions.
Topics: sicurezza sap, SAP GRC, sap consulenza security, consulenti
From 2025 (SAP has moved in early 2020 the sap ecc support term date to 2027 instead of 2025) SAP's support for the SAP ECC (ERP Central Component) product will end.
It is therefore important to prepare in time for migration to HANA and S/4HANA.
But what are HANA and S/4HANA and what impacts are there with SAP security?
Topics: HANA Security, HANA, sap hana
In some situations it might be useful to have a role or profile that only allows the data display.
It is available in SAP something that could answer this request? Is there a SAP_ALL profile for each SAP application component?
Topics: sap_all_only_view, sap_all, auditing