Xpandion Blog

  • Home
    Blog Home This is where you can find all the blog posts throughout the site.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
Subscribe to this list via RSS Blog posts tagged in SAP security

Many small and medium sized companies struggle with this challenge. Let’s say they have a sales representative who’s located in another country. Which authorizations should he get? Should he have access to the SAP system at all? If so, should he be allowed to only see SAP reports (“view only”) or should he issue sales documents too? The answer is not easy, and might involve solving or remediating Segregation of Duties violations during the analysis process.

 iStock_000020168207XSmall.jpeg

Continue reading
Hits: 6766 0 Comments

Do you know the best way to handle ongoing new T-Code and development requests? Should the CIO approve allocating the resources for business requirements as they pop up or should he thoroughly inspect each application first?

 iStock_000006052358_XSmall.jpeg

Continue reading
Hits: 5407 0 Comments

True Story

A customer from a large enterprise came to us and said, “Our company has an ‘open policy.’ We trust our employees, so we grant all of them SAP_ALL. We know that SAP_ALL includes all authorizations in the system but everything’s working fine and our authorizations are very easy to maintain, as you’d expect. But we need to spot the people who are taking advantage of this freedom and going beyond their permitted activities; those who are misusing their authorizations and, based on their job descriptions, going where they’re not allowed. For instance, we have a sneaking suspicion that some people in the warehouse are exploring payroll records.”

iStock_000034870080Small.jpg

Continue reading
Hits: 6746 5 Comments

We could have changed history!

In the famous fairy tale, Little Red Riding Hood approaches “Grandma” who is actually the Big Bad Wolf in disguise. After the initial moment of meeting, she notices that something’s wrong and starts to question her – “What a deep voice you have!” “What big eyes you have!” and finally “What a big mouth you have!” – which is the last uncertainty before she finds her way into the Wolf’s stomach.

iStock_000013421030Small.jpg

Continue reading
Hits: 5440 0 Comments

What’s really going on with your employees’ authorizations? Are they all in use, or should some be removed? Are you complying with SOX requirements? If you are like most people it’s just too much. Here's an eBook that will help you solve that problem. The link below will give you access to the free 50-page eBook about conducting a successful Authorization Review. It’s loaded with tons of knowledge, tips and tricks, and it’s based on years of our experience and experience from our customers.

authorization_review_book_cover.png.pagespeed.ce.9CzrcVjioB.png

Download_the_Complete_eBook_button.png

Continue reading
Hits: 6674 0 Comments

In 1914, American judge Louis Brandeis coined the famous quote “Sunlight is said to be the best of disinfectants,” and it has proven to be most accurate in 2014 too.

iStock_000009754186XSmall.jpg

Continue reading
Hits: 11142 0 Comments
Hits: 8766 2 Comments
Hits: 10836 1 Comment

“How Many Times?”

We, and our partners, often ask ourselves that very question after hearing case after case of employee fraud being committed at an enterprise. How many times will these companies endure suspicious activity by their employees before they get the right tool to send them alerts about it? How much money will they lose before they understand that there is a certain amount of usage data that cannot be monitored manually?

Continue reading
Hits: 6736 4 Comments

How you can maintain GRC compliance if you have users with dangerous SAP_ALL

(This is the short version of an article regarding the pervasive SAP_ALL Authorization Profile. Download the full article including examples and screenshots here).

Continue reading
Hits: 8114 0 Comments


Headquarters

+972-3-624-4245

157 Yigal Alon Street,

Tel Aviv 67443, Israel

info@xpandion.com

US Office

+1-800-707-5144

33 West 19th Street, New York,

NY 10011, USA

info.us@xpandion.com

India Office

+91-989-2546216

C 103, Akruti Orchid Park, Andheri-Kurla Road,

Andheri East, Mumbai, India

info@xpandion.com