Standard SAP Roles, are they used or it's better not to use them?

Posted by Andrea Mazzolani (translation) on Mar 24, 2023 12:00:00 AM

 

SAP provides pre-defined roles instead of having to create them from scratch.

 

 

Is it worth using them or not? Why are they often, or almost always, not used?

Read More

Topics: pfcg, sap standard role

SAP Security, which courses should you follow?

Posted by Andrea Mazzolani (translation) on Nov 4, 2022 12:00:00 AM

 

There are different formative paths and trainings for the SAP Security area. Below there are the main courses in the SAP Security and Governance area provided by SAP.

Read More

Topics: corso, pfcg, gdpr, e-learning, SAP GRC, idm, access management, SAP Security, SAP HR, HANA, training

3 Tips to secure printers in SAP

Posted by Marta Ortona on Sep 30, 2022 12:00:00 AM

 

Do all the users of your system have the SP01 transaction? 

 

Do you really allow all SAP users to see what all users print? Could the prints contain personal data (GDPR), sensitive data? Maybe is better to check it out! 

 

Read More

Topics: pfcg, gdpr, ruoli, SAP HR, SPOOL

SAP PFCG: 5 Things you did not know about this transaction

Posted by Fabio Mambretti on May 13, 2022 12:00:00 AM

Do you execute transaction PFCG daily, or even sometimes? Perhaps you're not aware of these functionalities that might be useful in some cases.

During the ordinary system management this information might turn out to be useful.

Read More

Topics: pfcg, PFCG SAP transaction, role translation

SAP Upgrades. Authorizations are always neglected, why?

Posted by Fabio Mambretti on Mar 18, 2022 12:00:00 AM

 

SAP updates are frequent. SAP releases feature updates to its products but also new features or patch security.

 

Read More

Topics: patch, pfcg, su25, upgrade, HANA

Consultants with production environment access? 5 actions to remember!

Posted by Marta Ortona on Mar 11, 2022 12:00:00 AM

 

Is it really possible that external consultants do not have any access to SAP production systems? 

 

Clearly there are various case studies, occasional or ongoing consultants, for example for maintenance contracts.

 

Is it really necessary to release an access to the production systems even in this last case? Can we control what happens and why it is requested?

Read More

Topics: pfcg, gdpr, sap_all, sod, SAP GRC, consulenti

How do you surpass the 312 profiles limit in SAP?

Posted by Fabio Mambretti on Feb 11, 2022 12:00:00 AM

In SAP there is/was a limit on the number of profiles that can be assigned to a user. Historically this limit of 300 and then 312 has been kept to stop the assignment of too many authorizations to users.

 

 

Does this limit persist?

Read More

Topics: pfcg, SAP Security, profili, ust04, SAP ECC, 312

Basic Role, what is it and what should it contain?

Posted by Marta Ortona on Oct 17, 2019 12:00:00 AM

 

What is the basic role? 

The basic role is a container of some of the permissions that all users should have. 

 

 

It is a set of utilities, not critical and useful in some moments. How should it be build up and what should it contain? 

Read More

Topics: pfcg, gdpr, SAP GRC, access management, ruoli

Yes Subscribe!

Blog Aglea, what you could find out?

Every Friday a new post, interview or content related to SAP Security.

  • Tips on how to design SAP Security
  • How to
  • Checklist
  • Common error and pitfall on security SAP
  • Interview with experts
  • Who we are and Aglea vision on SAP Security

Recent Posts

Post By Topic

See all