AGLEA Blog

 

SAP provides pre-defined roles instead of having to create them from scratch.

 

 

Is it worth using them or not? Why are they often, or almost always, not used?

Topics: pfcg, sap standard role

 

There are different formative paths and trainings for the SAP Security area. Below there are the main courses in the SAP Security and Governance area provided by SAP.

Topics: SAP Security, idm, access management, SAP GRC, SAP HR, e-learning, corso, gdpr, pfcg, HANA, S4/HANA, training

 

Do all the users of your system have the SP01 transaction? 

 

Do you really allow all SAP users to see what all users print? Could the prints contain personal data (GDPR), sensitive data? Maybe is better to check it out! 

 

Topics: SAP HR, gdpr, ruoli, pfcg, SPOOL

Do you execute transaction PFCG daily, or even sometimes? Perhaps you're not aware of these functionalities that might be useful in some cases.

During the ordinary system management this information might turn out to be useful.

Topics: pfcg, PFCG SAP transaction, role translation

 

SAP updates are frequent. SAP releases feature updates to its products but also new features or patch security.

 

Topics: patch, upgrade, su25, pfcg, HANA, S4/HANA

 

Is it really possible that external consultants do not have any access to SAP production systems? 

 

Clearly there are various case studies, occasional or ongoing consultants, for example for maintenance contracts.

 

Is it really necessary to release an access to the production systems even in this last case? Can we control what happens and why it is requested?

Topics: sap_all, SAP GRC, sod, gdpr, pfcg, consulenti

In SAP there is/was a limit on the number of profiles that can be assigned to a user. Historically this limit of 300 and then 312 has been kept to stop the assignment of too many authorizations to users.

 

 

Does this limit persist?

Topics: SAP Security, 312, profili, ust04, SAP ECC, pfcg, S4/HANA

 

What is the basic role? 

The basic role is a container of some of the permissions that all users should have. 

 

 

It is a set of utilities, not critical and useful in some moments. How should it be build up and what should it contain? 

Topics: access management, SAP GRC, gdpr, ruoli, pfcg, S4/HANA