Consultants with production environment access? 5 actions to remember!

Posted by Marta Ortona on Mar 11, 2022 8:15:00 AM

 

Is it really possible that external consultants do not have any access to SAP production systems? 

 

Clearly there are various case studies, occasional or ongoing consultants, for example for maintenance contracts.

 

Is it really necessary to release an access to the production systems even in this last case? Can we control what happens and why it is requested?

Read More

Topics: sap_all, SAP GRC, sod, gdpr, pfcg, consulenti

How to export data from SAP?

Posted by Fabio Mambretti on Feb 25, 2022 8:30:00 AM

Here's why it's important to check how data is exported and by who it's spread

How do you monitor the data exported from SAP ECC?

 

Many users must be formally authorized in order to do that as part of their job. It’s however of great importance, especially in a GDPR framework, to monitor how and who exports data in a non-authorized way from the SAP system.

How do you do that? Let’s see some paid methods and others included in the SAP business suite

Read More

Topics: SAP Security, SAP ECC, SAP HR, gdpr, UI Masking, security audit log, UI logging

5 Reasons (SAP Security) to have an updated test system

Posted by Fabio Mambretti on Feb 4, 2022 8:15:00 AM

A classic SAP landscape is made of three distinct machines:

 

  • Develop environment
  • Test or quality environment
  • Production environment

 

It's possible to define more environments, for example, pre-production or other clients in the aforementioned systems.

 

Why are test systems essential for SAP security, and why do they need to be managed in such a way?

Read More

Topics: gdpr, quality, test system, audit sap, sap security guidelines

GDPR Course - General Data Protection Regulation

Posted by Andrea Cavalleri on Feb 25, 2021 11:15:20 PM

Genesis

On the 25th of may the “General Data Protection Regulation”, also known as “UE 2016/679 Regulation” or “GDPR” has become effective.

Read More

Topics: SAP GDPR, e-learning, corso, gdpr

Basic Role, what is it and what should it contain?

Posted by Marta Ortona on Oct 17, 2019 10:45:00 AM

 

What is the basic role? 

The basic role is a container of some of the permissions that all users should have. 

 

 

It is a set of utilities, not critical and useful in some moments. How should it be build up and what should it contain? 

Read More

Topics: access management, SAP GRC, gdpr, ruoli, pfcg, S4/HANA

Content not found

Yes Subscribe!

Blog Aglea, what you could find out?

Every Friday a new post, interview or content related to SAP Security.

  • Tips on how to design SAP Security
  • How to
  • Checklist
  • Common error and pitfall on security SAP
  • Interview with experts
  • Who we are and Aglea vision on SAP Security

Recent Posts

Post By Topic

See all