Every year, SAP audits its customers’ systems and calculates the user-specific license fee based on the collected data. Many companies prefer to leave SAP users active when in doubt, however, out of concern that their day-to-day operations might be disrupted. They fear that a given user ID might still be used technically for background workflows or interface activities.
Use the SAST SUITE to analyze your SAP users, to find out about their actual usage and identify user IDs that are no longer in use. In addition to dialog users, we also focus on background and interface use. This holistic approach makes it possible to derive recommended actions and remove user IDs safely, without any negative side-effects. It’s a double win for you: with the very little effort required, a fast return on investment is practically certain.
Topics of focus:
• How to reduce your SAP license fees without affecting your day-to-day business
• Use the SAST SUITE to identify users that are no longer needed
• Step-by-step instructions for deactivating obsolete SAP users
• Best practice tips
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
SAP -This has some collective details regarding SAP landscape and Golden client. I explored for my knowledge from SDN and google . beginners can have a look at this for understanding and interview .
SAP Business One; Step-by-Step Guide for Installation, configuration on Virtu...Nasir Gondal
This guide is very helpful for “SAP Business One” learners. I have explained – Installation of Server, Installation of SQL Server2005, Installation of client, Post installation important steps, how to setup new company in SBO and few common SBO problems.
I trust you will enjoy this step by step guide and its great learning experience.
(Nasir Gondal)
Modern Data Architecture for a Data Lake with Informatica and Hortonworks Dat...Hortonworks
How do you turn data from many different sources into actionable insights and manufacture those insights into innovative information-based products and services?
Industry leaders are accomplishing this by adding Hadoop as a critical component in their modern data architecture to build a data lake. A data lake collects and stores data across a wide variety of channels including social media, clickstream data, server logs, customer transactions and interactions, videos, and sensor data from equipment in the field. A data lake cost-effectively scales to collect and retain massive amounts of data over time, and convert all this data into actionable information that can transform your business.
Join Hortonworks and Informatica as we discuss:
- What is a data lake?
- The modern data architecture for a data lake
- How Hadoop fits into the modern data architecture
- Innovative use-cases for a data lake
This document gives an overview of SAP organization structure from Business point of view. This will help in understanding organization of SAP vis-a-vis business org structure
As a functional consultant, When i working with different kind of projects or solving tickets or according to the client requirement, may required basis help to find out something which is more important that time. I got stuck many times and realized that few things functional consultant must know about basis.
Everyday learning a new skill only be positive for your career. SAP professionals who want to know SAP Basis basics, here is my slide share link for all...
Why Driving Progress With Octopus Through More Transparency And Accountabilit...Octopus Cloud AG
Octopus Provides in-depth knowledge about SPLA And how it functions. Service Providers who recently signed with Octopus SPLA And want to know about participation and guidance with a lot of questions about the SPLA Agreement in case everyone must be joined with Octopus’ platform for more reliable and relevant information. Octopus will give you a momentous vision.
SAP -This has some collective details regarding SAP landscape and Golden client. I explored for my knowledge from SDN and google . beginners can have a look at this for understanding and interview .
SAP Business One; Step-by-Step Guide for Installation, configuration on Virtu...Nasir Gondal
This guide is very helpful for “SAP Business One” learners. I have explained – Installation of Server, Installation of SQL Server2005, Installation of client, Post installation important steps, how to setup new company in SBO and few common SBO problems.
I trust you will enjoy this step by step guide and its great learning experience.
(Nasir Gondal)
Modern Data Architecture for a Data Lake with Informatica and Hortonworks Dat...Hortonworks
How do you turn data from many different sources into actionable insights and manufacture those insights into innovative information-based products and services?
Industry leaders are accomplishing this by adding Hadoop as a critical component in their modern data architecture to build a data lake. A data lake collects and stores data across a wide variety of channels including social media, clickstream data, server logs, customer transactions and interactions, videos, and sensor data from equipment in the field. A data lake cost-effectively scales to collect and retain massive amounts of data over time, and convert all this data into actionable information that can transform your business.
Join Hortonworks and Informatica as we discuss:
- What is a data lake?
- The modern data architecture for a data lake
- How Hadoop fits into the modern data architecture
- Innovative use-cases for a data lake
This document gives an overview of SAP organization structure from Business point of view. This will help in understanding organization of SAP vis-a-vis business org structure
As a functional consultant, When i working with different kind of projects or solving tickets or according to the client requirement, may required basis help to find out something which is more important that time. I got stuck many times and realized that few things functional consultant must know about basis.
Everyday learning a new skill only be positive for your career. SAP professionals who want to know SAP Basis basics, here is my slide share link for all...
Why Driving Progress With Octopus Through More Transparency And Accountabilit...Octopus Cloud AG
Octopus Provides in-depth knowledge about SPLA And how it functions. Service Providers who recently signed with Octopus SPLA And want to know about participation and guidance with a lot of questions about the SPLA Agreement in case everyone must be joined with Octopus’ platform for more reliable and relevant information. Octopus will give you a momentous vision.
Thousands of security-relevant settings in a common SAP system do not make it easy to implement a comprehensive security check. Although the DSAG test guide and other standards explain what should be checked, they do not show how this can be done, and certainly not what the ideal approach is. Therefore, in this webinar we will show you how you can effectively and efficiently control the security status of your SAP ERP and S/4HANA systems and what advantages a tool-based check offers you.
Topics of focus:
• Challenges with the implementation of security guidelines
• Overview of relevant regulations
• Project methodology for a security management process
• Advantages of tool-supported checks with the SAST SUITE
• Best practice tips
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Part III of III: SAP Advanced Authorization for SAP Global Deployments: Octo...NextLabs, Inc.
Part 2: SAP authorization model for Export Compliance
All global companies need to comply with one or more export compliance regulations when authorizing access to data. In Part 2, we will provide an in depth example of the authorization framework using export compliance as a showcase.
http://www.nextlabs.com/html/?q=web-request-webinar-information-risk-management
2. Rebalancing Support and Innovation_SAP UEM by KNOA_Erik FigueredoSing Yee Khoo
The first step in reducing the burden of support in your business is identifying the key issues being faced by users. Finding out what your people know, and what they need, means that you can prioritise your efforts to target those areas which will provide maximum impact. Using real data will drive the quick wins and incremental benefits you need to kickstart your innovation plans.
An overview of CobbleSoft\'s web-based Helpdesk and Service Management software: a reflection on today\'s buzzwords and where we were leading the industry 5 years ago.
Scom presentation from June 5th WebinarGSX Solutions
Collaboration tools help flatten the obstacles to communicate, enabling organizations to access talent and distribute work teams across the country, the region and the world with less need for co-location.
Find out how GSX Monitor & Analyzer and System Center Operations Manager are complimentary.
In order to maintain compliance in SAP systems, a well-established authorization management and a well-founded analysis of the separation of functions is necessary. This becomes all the more complex the more non-system solutions are available in your SAP ERP or S/4HANA landscape, because such systems usually have their own authorization structures.
It is therefore necessary to think about a reliable, cross-system authorization management in good time so that roles and authorizations are synchronized across all your SAP and non-SAP applications.
In this webinar, we will show you how to master comprehensive SoD analyses, business process analyses and the identification of authorization conflicts in the future – tool-supported and with a feasible administrative effort.
Topics of Focus:
• SoD analysis for SAP and non-SAP systems
• Cross-system authorization management with a central identity
• Evaluation of assigned roles and rights
• Advantages of the SAST User Access Management
• Best practice tips
-----------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Philips Lighting is changing from a mostly product oriented company into a Systems & Service company. SAP Hybris Service Cloud is supporting us in our business strategy, not only delivering innovative and excellent products, connecting manage our lighting systems, but also adding more value & service towards our customers. Join Jos Schrijen to hear how Phillips, innovator in healthcare, consumer lifestyle, and lighting products, successfully leverages multiple SAP Hybris solutions. Learn more: https://www.hybris.com/service
SAP applications contain large amounts of sensitive data: from personal to financial information. A targeted or even inadvertent disclosure of this data thus offers a potential attack surface. If someone from abroad logs in with the user of a designer from Germany, he should not be able to see any company-relevant drawings. A warehouse clerk often does not necessarily need to know what the contents of which package are, and a sales employee should be able to find the right product and packaging unit for quotations, but not necessarily be able to see the purchase prices. Data masking is therefore about protecting data that is there and also necessary, but which not everyone should see in every situation. Classic, static masking policies via authorisation concepts do not take into account the context of access risk and therefore force a compromise between data security and accessibility. This is where the concept of attribute-based data masking comes in: Additional targeted dynamic policies are used without the need for adjustments to SAP for implementation. In this way, fine-grained control is achieved over which information can be viewed by which users in which situation.
Focus of the webinar:
• Data loss prevention as a further protective measure for your sensitive data
• Why a good authorisation concept alone does not provide sufficient protection
• The advantage of dynamic masking measures over static ones
• Best practice tips for restricting views by location, IP address or time of access
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch schreiben Sie uns gerne an: mail@sast-solutions.de
In this webinar, Dürr IT provides insights into how they can transparently present their risk situation with the SAP Security Dashboard of the SAST SUITE and also integrate relevant information into their SIEM system as well as make it available to the company-wide SOC. The focus is on a holistic view of regular punctual parameter checks in combination with real-time threat detection. In addition, we offer an overview of the optimal measures for the best possible risk minimization.
For more and more companies, the holistic overview of the current risk situation and the presentation of information is an increasing challenge. Management views of the current risk situation and its changes over time are required, as are detailed work lists and support for follow-up actions. All this with increasingly diversified contacts in security teams across the company.
Focus of the webinar:
• How dashboards transparently visualize changes in the risk situation
• Integrating SAP security islands into enterprise SIEM/SOC solutions
• Learnings for the implementation of successful SAP Security Dashboards
• Best practice approach to risk mitigation for SAP systems
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch schreiben Sie uns gerne an: mail@sast-solutions.de
Year in and year out, the annual external audit is a given, as every SAP system and security administrator knows. Nonetheless, the current risk situation of the SAP systems is often uncertain. Have all the findings from the last audit really been rectified? Have new risks arisen in the meantime?
SAP authorization concepts are subject to continual change, which is why auditors check every year to make sure that authorizations like SAP_ALL and the SAP standard users are protected. The list of necessary measures is long: from installing security patches to checking and reducing critical authorizations. But the solution is simple: Don’t wait until the next audit! Instead, identify your vulnerabilities today. It’s the only way to guarantee the security of your SAP systems year-round and enable you to react to anomalies quickly.
In this webinar, we’ll show you how the SAST SUITE can help you define your top findings quickly, check critical authorizations efficiently, and keep your systems clean. You’ll never have to dread an auditor visit again.
Topics of focus:
- The next test is never far away – tips for effective follow-ups and optimal preparation for an audit
- Tool-supported identification and rectification of your top findings
- Stay clean through cyclical checks
- Best practice recommendations
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
IT audits are a universally accepted quality measure and have become indispensable. As such, internal audits are increasingly being used in addition to annual reviews by external auditors, to check the configuration of SAP landscapes and user authorizations. Their benefits: They can analyze individual aspects in shorter intervals, help prepare for and follow up on annual audits, and provide optimal support to internal control systems.
It must be noted, however, that any audit merely provides a snapshot of the current situation. But what about analyses of transactions, changes, and system behavior? When and where have employees deviated from the specified working methods? Were differing settings intentionally changed back to the “target” state?
Take the initiative and round out your spot checks with automated real-time monitoring. Stop limiting your SAP security analyses to a single point in time and instead identify risks holistically, over freely definable periods. In our webinar, we’ll show you the new possibilities and describe how the SAST SUITE can help you optimize your internal control systems, while at the same time establishing reliable real-time monitoring of your SAP systems.
Topics of focus:
• The most frequently underestimated activities
• How to optimize cyclical analyses of the system configuration and user settings
• Why real-time analyses are so important for your IT security concept
• Benefits of tool-based checks using SAST SUITE
• Best practice recommendations
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Conflicts between employers and works councils often arise in particular due to divergent views regarding the implementation and use of technical facilities, including the ability to monitor IT workplaces.
The benefits of constructive cooperation between works council, IT department, and HR are apparent. In this light, we have designed a webinar that demonstrates how you can use the SAST SUITE for the fair monitoring of the IT workplaces at your company – while at the same time complying with the German Works Constitution Act.
In addition to portraying the relevant intersections, we will show you the options you have for planning and managing SAP users directly in the system, as well as indicate the limits defined by the relevant laws. We will also present a tried and tested procedure model with a focus on an optimized authorization concept in SAP systems, enabling you to avoid conflicts from the start.
Topics of focus:
• Legal basis of the German Works Constitution Act in combination with the SAST SUITE
• Transaction statistics in the standard SAP system
• Privacy and data protection despite data loss prevention
• Procedure model for proactive conflict avoidance
• Model works agreement
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Conventional authorization projects are based on a monolithic approach, with a standardized procedure model and a linear sequence of project phases with milestones. In an ideal project, where both the project factors and the final state are known, this approach might go well. But if changes occur during the project, things become more difficult, and the response is often to increase the resources or push the deadline back. Neither is an ideal solution for your project.
In our experience, SAP S/4HANA authorization projects tend to be highly dynamic, due to the lack of a clear overall strategy in the beginning and frequently changing requirements. This is a key reason why such projects fail.
Our SAP experts at SAST SOLUTIONS follow an agile project management approach that is perfectly suited to the complexity and dynamism in SAP S/4HANA projects. Take advantage of our extensive experience and benefit from rapid response times to changing requirements and a continuous optimization process.
Topics of focus:
• Frequent stumbling blocks in SAP S/4HANA authorization projects
• Comparison between “classic” and “agile” project management
• How you can benefit from the SAST project approach
• Best practice tips
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
In practice, we often see SAP security projects that only offer a partial solution. Only rarely do such projects involve an end-to-end examination of all layers – from operating system to databases and applications, as well as concepts and policies.
At the same time, an all-encompassing approach to security is essential for projects involving the implementation of or migration to SAP S/4HANA, because the database, user interface, gateway, applications, and authorizations have all grown closer together. As a result, access to important data has become both more complex and more difficult to monitor – especially due to media discontinuity and access options at different layers. This means your framework authorization concept has to combine all these topics prior to implementation and define an end-to-end security strategy.
Ideally, all the security expertise needed for a comprehensive solution like this will come from a single source. This will guarantee perfect interplay between design and management, as well as monitoring, administration, and auditing. And you will also cover all the security areas, in the sense of a comprehensive SIEM system.
In this webinar, we will show you why SAST SOLUTIONS, with our highly specialized SAP experts in combination with our SAST SUITE solution, have just what you are looking for.
Topics of focus:
• The challenges of successful SAP S/4HANA security projects
• How to make sure your SAP S/4HANA implementation or migration is a success
• Benefits of support by SAST SUITE tools
• Best practice tips
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Only the permanent monitoring of all events allows you a reliable protection of your SAP systems. Thereby a real security incident can arise from a combination of several uncritical events.
In this webinar, Linde will provide insights on how to identify, evaluate and document such an incident as quickly as possible so that appropriate countermeasures can be taken. In case of an attack, the reaction capability has a considerable influence on the expected level of damage.
Topics of focus:
• What is needed for a reliable security monitoring
• Protection of your SAP systems on platform and authorization level
• Identification of vulnerabilities in real time
• Importance of security dashboards to analyze suspicious user activities
--------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
We all know how it goes – once a year, the auditor carries out an IT audit as part of the year-end audit. The idea is to flag potential threats in SAP cyber security, and in identity & access management.
In terms of risk, this procedure is no solution; rather, the step is taken much too late in the process to allow for any kind of quick reaction. Hackers may have already had ample time to take advantage of the risks. Despite this fact, many companies leave it too late to close loopholes.
In this webinar, we will show you a much better approach that addresses this discrepancy. Thanks to SAST SUITE, you can achieve continuous, highly efficient real-time monitoring of all critical and security-related changes to your SAP systems. This means you can act immediately. No more waiting until next year when the auditor is at your doorstep.
Topics of focus:
• Immediate detection of unauthorized authorization assignments
• Monitoring role allocation and any evasion of the dual control principle
• Proper reaction – without delay – to suspicious table change documents
• Cost-benefit analysis: manual downstream controls vs. intelligent real-time monitoring
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Administrating a large number of user accounts often presents companies with serious challenges. Especially when you consider how complicated most of the available standard tools are. The effort is hardly manageable if user identities also need to be maintained in several systems, directory services, or databases.
The lack of an option to manage user IDs and authorizations across multiple systems in a transparent way, not only leads to insufficient clarity and SoD conflicts; it also requires more effort to address those issues.
We will demonstrate how you can manage the identities, roles and authorizations of your SAP users efficiently and also on a shared S/4HANA system landscape.
Topics of focus:
• Challenges of Identity Management in SAP S/4HANA systems
• Reduction of effort due to automated authorization requests
• Real time risk assessment of critical authorizations
• Advantages of the SAST User Access Management
• Best practice tips
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
When transforming authorization roles from your ERP system, there are many points to consider in parallel: For which transactions are there comparable counterparts, which must be exchanged, and which are even obsolete? To do this, you need to select the appropriate Fiori Apps for the new roles and, of course, you also need to adhere to your SAP authorization concept. This requires some preparatory work and analyses, especially if you plan to implement this work manually.
In this webinar we will show you how we can support you, shorten the migration period and at the same time greatly improve the quality and security of your roles. After all, it will be more expensive to clean up legacy issues only after migration - not to mention the damage caused by security holes that have been transferred.
Topics of focus:
• Challenges and necessary questions before project start
• Our project procedure at a glance
• Tips for identifying and eliminating risks in your SAP roles
• Advantages of the SAST Role Conversion Service
-------------------------------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
It has long been no secret that cyber criminals particularly like to attack SAP systems. After all, they are perfectly suited as a backdoor for a company's highly sensitive data, and there is no better way to make money.
You can't prevent attacks, but with the right cyber threat detection strategy, you can be prepared, detect anomalies immediately and respond to security incidents immediately.
We'll show you how to properly assess threats, identify and neutralize real cyber-attacks before they can cause serious damage.
Topics of Focus:
• Building an SAP cyber security strategy you can trust
• Protection of your SAP systems on platform and authorization level
• Identification of weak points in real time
• Importance of security dashboards to analyze suspicious user activity
• Advantages of the SAST SUITE for your SAP Threat Detection measures
• Best practice tips for typical attack scenarios
-----------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Our audits are designed to help you determine your SAP landscape's actual risk exposure and pinpoint areas that are open to potential attacks. They include everything from your infrastructure and SAP system parameters to individual component configurations and authorizations.
Also if your company's migration to SAP HANA or S/4HANA is right around the corner. An audit offers an ideal solution for safeguarding your systems and taking all the necessary security measures before you start your transition.
Our approach is based on SAP's security guidelines, the recommendations of the German Federal Office for Information Security (BSI), and the information security standard DIN ISO 27001.
Topics of focus:
• Challenges, tools and proven methods
• Advantages of a root cause analysis and of the resulting risks for your company
• Quick check vs. audit vs. penetrationtest
• Our project approach at a glance
• Recommendations for the follow-up of an Audit
-----------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Although managed services are becoming a firm fixture in more and more IT areas, companies are still hesitant when it comes to SAP – even though almost all of them face similar challenges, including the specialized domain of SAP security and authorizations.
There is a shortage of specialist staff capable of ensuring GDPR-compliant monitoring of SAP systems, especially the sensitive personnel data they manage. Although they would like to monitor highly critical transactions, they often lack both the internal expertise and the suitable tools. Last but not least, although some companies monitor their IT systems in real time, the response times to alerts in the SAP environment are far too long to support a rapid response to identified threats.
Checking for vulnerabilities, flawed configurations, and critical authorizations on a regular basis is the only way to ensure SAP system security, however. With the SAST Managed Service, we can take care of all this for you, no matter whether your company is already playing in the Champions League of security or are only just starting out. We offer custom-tailored security and compliance solutions for both SAP ERP and SAP S/4HANA.
--------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
The maxim “Trust is good, but control is better” definitely applies to SAP systems, which constitute the core of many companies’ IT landscapes. The current security status of such systems should be known to more than just the SAP experts involved; indeed, this information is becoming relevant to more and more contacts at companies. As a result, it's all the more important that analyses be intuitive and user-friendly.
SAST Management Dashboard enables you to assess the security of your SAP systems at a glance. It analyzes key risks and presents the results in a visual format while also depicting trends over time.
At the press of a button, SAST Management Dashboard can provide you with a current status report based on risk KPIs you define in advance and reveal the causes of security flaws. The benefits are clear: You’ll have constant access to high-quality information regarding your present risk situation and you security will taken to the next level.
--------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
As anyone who works in the field of SAP Basis services will tell you, there's always something to optimize when it comes to user authorizations. What these efforts fail to do far too often, however, is remove transactions that are no longer in use from the respective roles. This leads to preventable risks with regard to the segregation of duties and unnecessary resource consumption in administration.
After conducting various tests on intelligent ways to streamline role profiles, RENK AG settled on one solution: the new Self-Adjusting Authorizations module of SAST SUITE. During authorization projects, it's not uncommon for our experts to find users with up to 500 SAP authorizations - only 25% of which they actually utilize.
With SAST Self-Adjusting Authorizations, you can implement tailored, fully streamlined roles without putting any restrictions on your day-to-day business - which is also the best way to prepare for your next SAP license audit.
--------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Your efforts to protect your SAP systems won't be complete until you have reliable way to keep a constant eye on your transactions and applications. When you detect critical incidents right when they occur, you'll be able take immediate action in response. When you're under attack, your reaction time has a significant impact on the level of damage you can expect. It's not hard to see how a real-time solution like AKQUINET's SAST Security Radar pays for itself in short order.
Detecting attacks based on log files and analyzing network traffic requires in-depth knowledge of the potential paths and patterns such incursions can follow. This is because events relevant to security have to be filtered out of a sea of data and placed in the proper context.
--------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
How hackers are compromising S/4HANA and how you can protect yourself with SAST SUITE.
-------------------------------------------------------------------------------------
Significant changes are taking place in the world of SAP. By 2025, the majority of the company's customers will make the move to S/4HANA. The related preparations are fully under way – including among hackers who are looking to exploit every available security flaw.
Here, hackers have a key advantage: S/4HANA involves technology that’s not only extremely complex, but relatively new, as well. The risk of making configuration errors that could undermine security is definitely real.
-------------------------------------------------------------------------------------
Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Comprehensive authorization management and the SoD analysis that comes with it are essential measures in safeguarding SAP systems, especially in the context of compliance. However, problems can arise when connecting external solutions to an SAP landscape. SAP Ariba, for example, comes with its own role and authorization concept - one that often doesn't match the SAP standard. This makes truly comprehensive SoD analysis simply impossible.
The solution? Cross-system authorization management that monitors roles and authorizations while factoring in all the relationships among them. The authorization management module of SAST SUITE makes it possible to customize SoD functions in a way that incorporates roles and permissions into SoD analysis, even when non-SAP systems like Ariba are involved.
In this webinar, you'll learn how to take control of extensive SoD and business process analyses while identifying authorization conflicts across multiple systems.
-------------------------------------------------------------------------------------Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Fiori and S/4 authorizations: "What are the biggest challenges, and where do the risks lie?"
-------------------------------------------------------------------------------------Many SAP customers are currently planning to implement SAP S/4HANA or are already making the transition. Besides the extensive new architectural aspects involved, implementing S/4HANA and Fiori also changes quite a few longstanding rules in the area of SAP authorizations.
A number of transactions - some of which veteran SAP ERP users have come to hold dear - have either been integrated into other transactions, replaced by Fiori apps, or simply eliminated. Meanwhile, the consistent use of OData services in the context of Fiori has resulted in a variety of ramifications with regard to security design in both the front and back end.
------------------------------------------------------------------------------------- Für Informationen auf Deutsch, sprechen Sie uns gerne an: sast@akquinet.de
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
2. Agenda
Brief introduction Akquinet & USU
Which "optimization potentials" arise in relation to the SAP user?
Right Sizing: Assignment of the more favorable license type based on real usage
Blocking or restricting users - What factors should be considered?
Which approaches are suitable for the analysis?
How do I clean up user masters efficiently without causing disruptions?
Take Homes Messages
3. With the SAST SOLUTIONS portfolio of akquinet AG, we are your world-class provider for the holistic protection of
SAP ERP as well as S/4HANA systems - with real-time monitoring. In addition to our proprietary software suite, we
offer SAP security and authorization consulting and managed services from a single source.
Worldwide, more than 200 customers with 3.5 million SAP users currently rely on our vast expertise in protecting
their SAP systems from cyberattacks, manipulation, espionage and data theft.
Facts and figures
- 5 -
SAST SOLUTIONS customers worldwide
880
305
165
325
556
796
64
845
Employees
Turnovers Mio. €
5,3
16,3
41,5
28,2
118
2002 2005 2008 2011 2014 2018 2019 2020
132
125
akquinet AG
71
4. Your IT security is our number one concern – in real time.
All solutions from one source:
- 6 -
5. You have the choice for your SAP ERP and S/4HANA systems!
- 7 -
SAP Security & Compliance – make or buy?!
SOFTWARE SUITE CONSULTING MANAGED SERVICES
SAP Security Consulting
SAP Authorization Consulting
SAP HANA & S/4HANA Migration
SAP Threat Detection &
Vulnerability Assessment
SAP Cyber Security
SAP Access Governance SAP User & Authorization Management
6. 8
Discovery
Data collection
for all software
products
Professional
Services
Successful SAM is when
your experts work with
our experts
Optimization
Control and deep
optimization in the data
center and the cloud
License
Management
Compliance for
all vendors
AI &
ANALYTICS
7. Competence & experience in IT
44 years
in customer satisfaction & price/performance
No. 1
USU products used
185 countries
> 250
International partners
> 750
Employees worldwide
~100
Million Euro revenue (2020)
> 1.200
Customers worldwide
9
8. 10
USU Optimization
forecasts your potential
costs in the S/4HANA
world while revealing
cost-saving potential that
you can use against your
S/4HANA license
purchases.
S/4HANA Migration
USU Optimization
advanced analytics
compare your actual
software usage against
the assigned licenses. It
runs one-click simulations
that consider new or
different license types
which are less expensive.
Named User licenses
Indirect Access or Digital
Access? USU Optimization
helps analyze your
current indirect access
and simulates your
potential costs for
document licenses.
Indirect / Digital Access
Measure engine licenses
to ensure that each
engine is accurately
measured, no matter how
complicated it is by
linking and updating
SAP's ever-changing
metrics.
LoB/ Engines
USU Optimization gives
you full transparency over
all your SAP usages,
including Cloud Apps.
Significant savings can be
achieved through
identification and re-
harvesting of inactive
accounts.
SAP Cloud
9. Change in license measurement by SAP:
Das SAP's licensing model was applied for the first time in 2017 for authorized functions
(objects/transactions) instead of executed functions.
With LAW 2.0, SAP has since been measuring more and more customers also in Germany.
Changed measurement result and a higher importance of authorized functions in terms of license
costs.
Potentials in user clean-up:
The complexity of system landscapes and data exchange has increased.
- 11 -
Q1/2003
Q4/2017
!
Professional User: A Professional User is a defined user who executes operational roles supported by the Software.
The usage rights of the Professional User include the rights granted to a Limited Professional User.
10. Blocking or restricting users - what to consider?
The complexity of system landscapes and data exchange has increased
ID: P261165 (Max Müller)
SAP P11/100: MMUELER
SAP P21/200: P261165
Max.Mueller@cusomer.de
SAP P31/300: P261165
DB User: MUELLER
Max.Mueller@4711.customer.sap.de
- 12 -
11. External calls via connections as well as
internal dialog or work processes require
users and authorizations
The System and Communication user
types can be used to perform most of the
interface processing
Batch processes are controlled by
technical users to be scheduled
Blocking or restricting users - what to consider?
Even within a system there are different levels in data processing
External
systems
and
databases
(also
other
SAP
systems)
SAP System
Dialog
RFC
Batch
BAPI
Application Link
Enabling (ALE)
Remote Function
Call (RFC)
HTTP / HTTPS /
SOAP / REST API
12. Authorization structures have mostly grown historically.
Users have significantly more permissions than they need for their daily business.
User application processes based on existing users quickly inherit accumulations of privileges.
The safety aspect is also not to be neglected.
Blocking or restricting users - what to consider?
Total
Authorizations
Used
Transactions
What could have used? >> Professional User = 3,500 €
What was used? >> Worker User = 600 €
- 14 -
19. Procedure for analysis of user activity.
Analysis methods SAP Standard:
- 21 -
Evaluations of existing logs such as Workload Monitor
or Security Audit Log are available for the
Further processing of data not optimized
20. Procedure for analysis of user activity.
Optimized analysis methods with SAST SUITE:
- 22 -
ABAP + Tcode
Calls
Time period can be narrowed down
User apparent
Frequency apparent
Batch
processing
Batch programs in def. period
User apparent
Frequency apparent
RFC / HTTP / BAPI
usage
Interface usage
User to interface
Called RFC blocks
Called system
Tracing
User authorization trace
All users in long term race
Object usage in detail to user
21. Optimized analysis with SAST SUITE.
Seamless long-term trace / usage statistics (CCMS)
Recording of used objects + values over a long period of time
Recording of used transactions, RFC modules, ABAPs
Structured display optimized for analysis and further processing
Roles can be created at the push of a button for individual users or user groups
Precisely fitting rolls (minimum cutting)
The fastest way to minimal permissions!
- 23 -
✓
22. • Contract Analysis
• User activity
• Authorization analysis
• Demand analysis
• Indirect usage
• List of shelfware
Check Up
• Concept
• Inactive or duplicate users
• Righsizing the license
• Digital Access Analysis
• Indirect Access Analysis
• Simulations
Clean Up
• Authorization concept that
takes license metrics into
account
• Contract negotiation
consulting
• Decision Contract/ Product
Conversion
Tune Up
Size Up
24
23. Pre-tuning
User activity
Interfaces
Batch processes
Recommendation for action
Analysis
Concept
Time limit inactive users
Roll processing
Clean Up Set up fallback scenario
Changeover
Hyper Care Phase
Safe GoLive
Effiziente Methodik zur berechtigungsseitigen Bereinigung
- 25 -
24. Optimize the license costs in the user masters.
Take Home Messages:
- 26 -
+
+
+
+
+
Transparently analyze your contract and usage situation in ECC.
Simulate your future need for license e.g., for SAP S/4HANA.
Optimization of user-based licenses with efficient approach and use of modern
analysis methods.
Minimization of authorizations through automated role creation on a trace basis.
For contract negotiation you will receive a complete shelfware list for exchange.
Complete analysis and recommended action for optimizing user licenses
for a system available in a short period of time.
+