Firefighter user help to solve problems quickly and are used for infrequent or irregular activities. With firefighters, you can keep user authorizations lean because they can fall back on these emergency users in case of doubt. However, the use of firefighters in SAP systems is a critical issue for system security and compliance. That isContinue reading “Firefighter authorizations”
Author Archives: K1203130620
Audit-proof SAP authorizations
Customers want “audit-proof” authorizations, but what exactly does that mean? What exactly do auditors scrutinize and which authorizations are classified as particularly critical? We’ll find out today.
Securely authorize table access
Table authorizations are necessary and at the same time a security risk. Find out how you can optimize table access authorizations.
Fiori 3.0: What Spaces, Pages and Sections are all about
Fiori is no longer a new technology. But the latest version has brought a whole series of changes that are also relevant for authorized users. We take a look at what the new Fiori objects Spaces, Pages and Sections are all about – and how they affect authorizations.
Identity Services – the gateway to the SAP cloud world
Identity Directory Service An SAP directory service in which all user and group assignments are stored (analogous to e.g.AD/AAD) Identity Provisioning Service A service that provisions group assignments in the backend system, including attribute mappings and transformations Identity Authentication Service The IdP from SAP. This can be used to implement MFA and SSO scenarios orContinue reading “Identity Services – the gateway to the SAP cloud world”
What are critical authorizations?
Critical authorizations and segregation of duties conflicts (SoD conflicts) are part of everyday life for authorizers. However, this does not make dealing with them any less challenging. Especially because different authorizations can be considered critical in every company. We explain how you can identify critical authorizations and how you can minimize the risk.
Transaction types in SAP
In SAP, there are a variety of transaction types that allow users to perform business processes. However, each transaction type has its own risks in terms of data protection and system security.
Analysis tools in SAP authorizations
Suddenly, a user can no longer work properly in the SAP system. And of course – allegedly – missing authorizations are to blame. We will show you how to quickly and reliably analyze whether and which authorization errors are really present.
Authorize function modules
Function modules (FuBa) are used everywhere in the SAP system. The standard already delivers a large number of FuBas. In addition, developers can create customer-specific function modules. These do not always have to be authorized separately. But if you need to authorize function modules, you can find out how here.
Basic role for all users
A basic role combines almost all authorizations that all users need. It can be assigned automatically when a new user is created in the system, assigned directly, or included in composite or business roles, thus facilitating the rapid assignment of basic SAP authorizations.