Articles

Articles

Created on Monday, 08 September 2014 14:35

SAP Security Manager

in Category: Security & Authorizations by Moshe Panzer
If you’re in the SAP Security field you ought to know that with a complex application like SAP, it is really not sufficient to only secure the communication and only prevent people from logging in from external IPs. The “big money” lies in the data: an employee who commits fraud or sells sensitive customer data to the outside can generate a huge...
Created on Wednesday, 03 September 2014 13:48

SAP Audits: Jargon and Preparation

in Category: Security & Authorizations by Moshe Panzer
What Is an SAP Audit and What Does It Include?In general, when somebody says that they have an SAP Audit, it can be interpreted as mainly two things: Either they have an audit by SAP, which is probably a licensing-related SAP Audit, or they have an audit of their SAP system (to distinguish it from other applications within the organization)...
Created on Wednesday, 23 July 2014 17:30

How to Use the SAP T-Code SUIM Correctly

in Category: Security & Authorizations by Moshe Panzer
How to Use the SAP T-Code SUIM CorrectlyGeneralThe SAP T-Code SUIM is one of the most popular T-Codes in SAP among security & authorizations, particularly because it summarizes many different SAP authorization aspects in one place. Although SUIM stands for “User Information System,” it’s commonly used to find answers to authorization-related...
Created on Tuesday, 06 August 2013 14:22

The Dreaded SAP_ALL Power Profile

in Category: Security & Authorizations by Moshe Panzer
The authorization profile, SAP_ALL has such vast amounts of authorizations inside that it is mistakenly known as “the profile that can grant everything in the SAP system”. These authorization profiles create security-holes, grant a huge amount of authorizations to people that can’t justify them, and expose the organization to possibilities of...
Created on Tuesday, 06 August 2013 10:10

Why You Should Use SUIM Very Carefully When Analyzing SAP Authorizations

in Category: Security & Authorizations by Moshe Panzer
SUIM: The Most Popular Activity for Analyzing SAP AuthorizationsIn many SAP audits or audit-related processes involving SAP systems – either while preparing for an audit or prior to a regular inspection for audit purposes – customers are guided by their auditors to use SAP T-Code SUIM (User Information System). Sometimes, the auditors themselves...
Created on Wednesday, 23 January 2013 14:33

8 Tips for a SAP Licensing Audit (SAP Licensing Series Part 1/3)

in Category: Security & Authorizations by Moshe Panzer
Once a year you receive an email reminding you that the time has come (again) to file your company’s SAP licensing report. Whether received directly from your regional SAP office or forwarded to you by your manager, an email mentioning an impending SAP audit is a stressful prospect in any organization. You are compelled to face decisions and...
Created on Thursday, 17 January 2013 18:20

How to Hack SAP®

in Category: Security & Authorizations by Moshe Panzer
This article deals with application security level only, providing explanations and examples pertaining to reducing business risk, protecting your enterprise's SAP applications and identifying hackers. The article is brought to you by Moshe Panzer, CEO of Xpandion, and is based on the company's vast experience in revealing, alerting and...
Created on Wednesday, 03 September 2014 16:24

Cloud ERP and SAP Cloud ERP

in Category: SAP Licensing by Moshe Panzer
Disclaimer: This is a behind-the-scenes document about Cloud ERP and SAP Cloud ERP that is mainly based on our field experience and ideas. Its purpose is to give a quick introduction to Cloud ERP and SAP Cloud ERP to Xpandion customers.What is Cloud ERP?The known acronym “ERP” stands for Enterprise Resource Planning software. ERP systems are...
Created on Thursday, 14 March 2013 14:23

SAP Audit Pre-Flight Checklist (SAP Licensing Series Part 3/3)

in Category: SAP Licensing by Moshe Panzer
Last call for joining the journey to a successful SAP audit!We began the journey with the right state of mind (see 8 Tips for a Successful SAP Licensing Audit), continued by creating the setting for producing the first draft of the audit report (see SAP Audits – 6 steps to Prepare Real Use Data) and finally, we are ready to conclude...
Created on Tuesday, 29 January 2013 16:26

SAP Audits: Preparing Real Use Data (SAP Licensing Series Part 2/3)

in Category: SAP Licensing by Moshe Panzer
Commencing on the journey to a successful SAP audit begins with the right state of mind;see 8 Tips for a Successful SAP Licensing Audit (Part 1 of 3). Continue the journey by following the next six steps to create the right environment for producing the first draft of your audit report.Download this article as PDF First Name *Last...
Created on Wednesday, 23 January 2013 18:19

SAP Licensing Quick Guide

in Category: SAP Licensing by Moshe Panzer
The SAP Licensing model is considered to be among the most complex and confusing in the generally bewildering area of software licensing. While many software vendors typically calculate their license fees by counting the number of active and inactive users, or by considering the number of servers and CPUs, SAP defines licenses according to usage...
Created on Wednesday, 03 September 2014 16:06

About SAP GRC – Behind The Scenes

in Category: GRC by Moshe Panzer
Important: this is a behind-the-scenes document about SAP GRC that is based mainly on experience and customer comments. Its purpose is to give a quick introduction to SAP GRC for Xpandion customers. Introduction – Where did SAP GRC come from?Like a couple of other products in the SAP world of applications, SAP GRC was an external...

Headquarters

+972-3-624-4245

157 Yigal Alon Street,

Tel Aviv 67443, Israel

info@xpandion.com

US Office

+1-800-707-5144

33 West 19th Street, New York,

NY 10011, USA

info.us@xpandion.com

India Office

+91-989-2546216

C 103, Akruti Orchid Park, Andheri-Kurla Road,

Andheri East, Mumbai, India

info@xpandion.com