System Users with SAP_ALL assigned, no thanks!

Posted by Fabio Mambretti on Jun 24, 2022 8:15:00 AM

This one's a bad habit. Most common causes are:

 

  • Project necessities not better detailed
  • Scarse sensibility towards data security
  • Scarse knowledge of potential problems of this action

 

Why should you remove these users, even non-interactive ones, ASAP? Let's see some examples!

Read More

Topics: sap_all, auditing, rfc, rfc security, rfc destination, system users

Consultants with production environment access? 5 actions to remember!

Posted by Marta Ortona on Mar 11, 2022 8:15:00 AM

 

Is it really possible that external consultants do not have any access to SAP production systems? 

 

Clearly there are various case studies, occasional or ongoing consultants, for example for maintenance contracts.

 

Is it really necessary to release an access to the production systems even in this last case? Can we control what happens and why it is requested?

Read More

Topics: sap_all, SAP GRC, sod, gdpr, pfcg, consulenti

Content not found

Yes Subscribe!

Blog Aglea, what you could find out?

Every Friday a new post, interview or content related to SAP Security.

  • Tips on how to design SAP Security
  • How to
  • Checklist
  • Common error and pitfall on security SAP
  • Interview with experts
  • Who we are and Aglea vision on SAP Security

Recent Posts