Twitter Feed

Ask for a quote

Ask for a quote. Your company will benefit.

SAP Security

 

SAP SecuritySAP has a licensing system and controls that apply to users accessing the system. It allows maintenance of these users, as well as defining and assigning roles to them to allow or prevent access to certain business processes.

 

SAP SECURITY FEATURES
  • Users management which can access SAP.
  • Maintaining security in access to certain data and processes considered critical.
  • Maintains an adequate segregation of duties in the company structure, defining roles and jobs.
  • Get reports to audit access and modifications to sensitive data.
 Sap roles, authorizations and segregation of duties

Your SAP system has been in Live for some time, has even overcome some version changes. Surely yourself or external consultants who have passed through your facilities have created new transactions, countless reports and even have external access to your SAP installation to work remotely. If you are asked about your SAP system security probably you respond that there is no problem, all users access to their transactions smoothly and everything works right. But if we make the question in a different way: are you sure your users have no more authorization which they should have?

 
There is some information that the Company should restrict, both financial (balance sheets, suppliers personal data, customers), logistics (prices, stocks), not to mention HR personal information (personal, payroll, counselors allowances, ...). It is clear that a user will complain if he doesn't have authorization to run a transaction, but he won't ever say he can access the rewards of colleagues or he is aware of your cash flow better than the CFO by running certain transaction.
 
Perhaps your financial auditor has made a system audit, checking the paswords strength, users having SAP_ALL profile, etc. We go further and review the user licenses of those who rarely access the system and you are still paying for that to your SAP partner.
 
Finally, just to mention some other sources of insecurity that we could find:
  • The lack of segregation of duties (SOD). If there is anyone in your organization able to modify data bank of suppliers and issuing payments, you could have a problem, and so many other alerts that are obtained with an array of this type.
  • The interfaces on mobile devices via WiFi networks.
  • Etc.

 

Joomla Template by Joomla51.com