Does SAP_ALL view only exist?

Posted by Marta Ortona on Sep 9, 2022 12:00:00 AM

 

In some situations it might be useful to have a role or profile that only allows the data display.

 

 

It is available in SAP something that could answer this request? Is there a SAP_ALL profile for each SAP application component?

Read More
0 Comments Click here to read/write comments

Topics: sap_all_only_view, sap_all, auditing

System Users with SAP_ALL assigned, no thanks!

Posted by Fabio Mambretti on Jun 24, 2022 12:00:00 AM

This one's a bad habit. Most common causes are:

 

  • Project necessities not better detailed
  • Scarse sensibility towards data security
  • Scarse knowledge of potential problems of this action

 

Why should you remove these users, even non-interactive ones, ASAP? Let's see some examples!

Read More
0 Comments Click here to read/write comments

Topics: sap_all, auditing, rfc, rfc destination, rfc security, system users

Consultants with production environment access? 5 actions to remember!

Posted by Marta Ortona on Mar 11, 2022 12:00:00 AM

 

Is it really possible that external consultants do not have any access to SAP production systems? 

 

Clearly there are various case studies, occasional or ongoing consultants, for example for maintenance contracts.

 

Is it really necessary to release an access to the production systems even in this last case? Can we control what happens and why it is requested?

Read More
0 Comments Click here to read/write comments

Topics: pfcg, gdpr, sap_all, sod, SAP GRC, consulenti

All posts

Yes Subscribe!

Blog Aglea, what you could find out?

Every Friday a new post, interview or content related to SAP Security.

  • Tips on how to design SAP Security
  • How to
  • Checklist
  • Common error and pitfall on security SAP
  • Interview with experts
  • Who we are and Aglea vision on SAP Security

Recent Posts

Post By Topic

See all

SAP Security Blog AGLEA RSS Feed

Aglea s.r.l. P. IVA: IT 03868780960 - 2025 | Copy | Note legali