Xpandion Blog

Yoav Michaeli


Yoav Michaeli joined Xpandion in 2008 as a team leader, and in 2010 Mr. Michaeli began managing the entire Research & Development group of the company. Prior to joining Xpandion, Mr. Michaeli served in an elite technological unit of the Israeli Defense Forces as a team leader for various key military projects. Among other achievements, he was instrumental in pioneering the use of advanced .NET technologies for large scale distributed systems. Mr. Michaeli is an expert in programming, agile development, application security and specialized programming techniques.

In order to manage a Segregation of Duties project successfully, it is essential that you eliminate business risk across your organization. To accomplish this you need to implement a comprehensive rule-set.


When it comes to requesting and granting authorizations, I found that in many companies the process is performed manually – via email – as follows:

  1. User sends email to IT requesting additional authorization to perform activity.
  2. IT transfers request to relevant manager, who approves required authorization (at times without even inspecting the real intention of the request).
  3. IT allocates the required authorization to user.


"Who authorized it?" is definitely the most asked question following a fraud event or leakage of information.  


This is a true story from last week – an Xpandion expert received a phone call from one of our European clients, claiming they just received a High Risk Irregular Behavior alert pertaining to unauthorized access of salary information. After a quick investigation using ProfileTailor™ Dynamics, it was clear that something “fishy” was going on and actions had to be taken accordingly.

Hooray We Caught a Thief


Companies of all kinds and sizes are focusing more and more on finding the most adequate GRC (Governance, Risk, and Compliance) and SoD (Segregation of Duties) solutions.


Increased licensing costs. Security. Breaches. Hackers. Budget cuts. Downsizing. 


The more Security and SAP Licensing Managers that Xpandion works with, the more confirmation we receive that there is a distinct difference in the actions taken by successful managers vs. unsuccessful managers. Using ProfileTailor Dynamics/LicenseAuditor, these successful managers implement specific action items, which are the only ones possible to increase ROI and decrease TCO in the world of SAP.


Although this topic may generate a lot of excitement among some of you – it's not a formal SAP licensing type (yet). However, it might make sense to consider it, since using LicenseAuditor, we often see organizations of 10,000+ SAP users with a daily average use of only 800 actual users - or less. These organizations have recently started to talk with us and SAP about licensing according to concurrent users.

What is licensing by concurrent users?

In this method of licensing, the organization buys a number of users who can work simultaneously. If the organization has bought X concurrent users, then when user X+1 tries to log in, he or she will be turned away and will have to wait until another user logs out.
Each license based on this method would cost considerably more than licensing by named users. However, significantly fewer licenses would be needed, so it is a more "honest" approach, and it makes more sense to organizations. Furthermore, you would be able to support different SAP systems with different numbers of licenses for each system.
The idea is: "if you don't need a license, don't pay for it", especially when dealing with very expensive licenses.


Though most SAP programmers are reliable, serious professionals, there are a few who are intent on harming their organizations – and because of these few, we are rightfully afraid of the power of SAP Programmers. They almost always have a significant number of authorizations in the production system - and access to almost every part of the system.

Because of this clear threat, for the last few years I have been a strong advocate in pushing the idea that programmers shouldn't have access to production systems; they should only have access to DEV and QA systems, and if there’s a real bug in production, they can use a special username to perform debugging for a limited time. Unfortunately, the idea was premature and I wasn't able to convince any of the organizations I worked with about the importance of segregation of duties and reduction of absolute power to any one user.

They always said that they trusted their programmers… mistake.




