Identity Services – the gateway to the SAP cloud world

Identity Directory Service An SAP directory service in which all user and group assignments are stored (analogous to e.g.AD/AAD) Identity Provisioning Service A service that provisions group assignments in the backend system, including attribute mappings and transformations Identity Authentication Service The IdP from SAP. This can be used to implement MFA and SSO scenarios orContinue reading “Identity Services – the gateway to the SAP cloud world”

What are critical authorizations?

Critical authorizations and segregation of duties conflicts (SoD conflicts) are part of everyday life for authorizers. However, this does not make dealing with them any less challenging. Especially because different authorizations can be considered critical in every company. We explain how you can identify critical authorizations and how you can minimize the risk.

Transaction types in SAP

In SAP, there are a variety of transaction types that allow users to perform business processes. However, each transaction type has its own risks in terms of data protection and system security.

Using SAP_ALL and SAP_NEW correctly

The standard SAP_ALL and SAP_NEW profiles allow you to assign a user full authorizations for all transactions and functions in the SAP system. It is well known that the profiles represent an enormous security risk. Nevertheless, they are often required for scenarios such as the use of emergency users or for technical users. Find out how to use SAP_ALL and SAP_NEW correctly here.