AGLEA Blog

There are different formative paths and trainings for the SAP Security area. Below there are the main courses in the SAP Security and Governance area provided by SAP.

Do all the users of your system have the SP01 transaction? 

Do you really allow all SAP users to see what all users print? Could the prints contain personal data (GDPR), sensitive data? Maybe is better to check it out! 

Is it really possible that external consultants do not have any access to SAP production systems? 

Clearly there are various case studies, occasional or ongoing consultants, for example for maintenance contracts.

Is it really necessary to release an access to the production systems even in this last case? Can we control what happens and why it is requested?

Here's why it's important to check how data is exported and by who it's spread

How do you monitor the data exported from SAP ECC?

Many users must be formally authorized in order to do that as part of their job. It’s however of great importance, especially in a GDPR framework, to monitor how and who exports data in a non-authorized way from the SAP system.

How do you do that? Let’s see some paid methods and others included in the SAP business suite

A classic SAP landscape is made of three distinct machines:

• Develop environment
• Test or quality environment
• Production environment

It's possible to define more environments, for example, pre-production or other clients in the aforementioned systems.

Why are test systems essential for SAP security, and why do they need to be managed in such a way?

Genesis

On the 25^th of may the “General Data Protection Regulation”, also known as “UE 2016/679 Regulation” or “GDPR” has become effective.

What is the basic role? 

The basic role is a container of some of the permissions that all users should have. 

It is a set of utilities, not critical and useful in some moments. How should it be build up and what should it contain?