Posts Currently viewing the category: "security-blog"
Migration to S4HANA

Xiting offers a free S/4HANA role migration analysis tool to estimate the impact of a S/4HANA migration on your roles and authorizations. S/4HANA is the next generation of enterprise software from SAP, and it comes with an entirely new security model. With S/4HANA, SAP has decided to combine, replace or remove…(Read More)

SU24 Tips and Tricks

The first two blogs dealt with fields which you should and respectively should not maintain as SU24 proposals for roles. The example of SAP standard organizational level fields is already dealt with in blog 2 to introduce fields which you should not maintain in SU24, but that is because you should maintain them in the…(Read More)

SU24 Tips and Tricks

There are fields of objects which uniquely belong to applications which are dealt with in the 1st blog of the series. The complete opposite exists as well for fields that have no place in SU24 proposals. They are role specific, or SU24 proposals are an overkill of maintenance. Related content: Which fields should be maintained…(Read More)

SAP Access Control GRC IDM Integration

As mentioned previously in our blog CIRM: Compliant Identity and Role Management in Practice, you are able to integrate your SAP Access Control (GRC) and SAP Identity Management (IDM) to leverage its functionalities. In this blog, I would like to give you an overview of the possibilities of how to connect your SAP Identity Management…(Read More)

Everybody who knows the old SAP Identity Management Web DynPro user interface knows how unattractive it is. Therefore, some of our customers requested a nicer, modern and user-friendlier UI. As a result, we had to develop something new for the market. Our decision fell on SAP Fiori because it works on every device (computer…(Read More)

SU24 Tips and Tricks

Introduction to the blog series When creating a role in PFCG and adding objects to the menu, the authorizations maintenance will automatically merge authorization proposals from transaction SU24 into the role. How accurate and complete these proposals are, depends on maintaining accurate and complete SU24 proposals. Strong maintenance results in robust roles for the end…(Read More)

In this article, I’ll the discuss the differences between direct vs. indirect role assignment in the context of SAP authorizations. Each assignment scenario has its pros and cons, and you can use both independently or in combination to complementary each other. What are direct role assignments? Authorization roles (and profiles) are directly assigned to…(Read More)

Subscribe to our SAP Security Newsletter

Stay up to date with the latest SAP security news and receive valuable tips and tricks by subscribing to our newsletter.