The Team at InsideSAP, Author at InsideSAP Asia https://insidesap.asia/author/the-team-at-insidesap/ The independent resource for SAP professionals in Asia Mon, 26 Jun 2023 06:07:02 +0000 en-US hourly 1 https://insidesap.asia/wp-content/uploads/2020/01/cropped-InsideSAP-Asia-logo-SQUARE-32x32.png The Team at InsideSAP, Author at InsideSAP Asia https://insidesap.asia/author/the-team-at-insidesap/ 32 32 The Evolution of SAP Security, Access Control, and IAM https://insidesap.asia/the-evolution-of-sap-security-access-control-and-iam/ https://insidesap.asia/the-evolution-of-sap-security-access-control-and-iam/#respond Thu, 22 Jun 2023 06:00:00 +0000 https://insidesap.asia/?p=13773 To identify the most suitable SAP access provisioning choice for your organisation, it is important to understand the progression of SAP security, access control, and identity access management (IAM). Read the article below or download the PDF In the early days of SAP (R2), users were granted SAP access using SAP profiles. This later transformed […]

The post The Evolution of SAP Security, Access Control, and IAM appeared first on InsideSAP Asia.

]]>
To identify the most suitable SAP access provisioning choice for your organisation, it is important to understand the progression of SAP security, access control, and identity access management (IAM).

Read the article below or download the PDF


In the early days of SAP (R2), users were granted SAP access using SAP profiles. This later transformed into SAP roles through the Profile Generator (PFCG). To enhance the provisioning process and address the issue of SAP authorisation creep (users gradually being assigned additional access), SAP implemented the ability to assign SAP roles to the HR Organisation Structure. Whenever a user was assigned to an HR position within SAP, they would automatically be assigned the SAP roles associated with that HR position.

SAP Composite Roles were introduced to improve provisioning efficiency by grouping multiple single roles within a data container. When an SAP user is assigned an SAP Composite Role, they gain access to all the individual roles included in the Composite Role.

Over time, the significance of access risk management grew exponentially. The practice of granting SAP access without considering its potential risks became increasingly unsustainable. Consequently, this gave rise to the development and implementation of access control solutions, such as Governance, Risk, and Compliance (GRC) systems.

At first, access control solutions primarily assessed the SAP systems to detect access risk violations and conducted ‘What-If’ simulations to evaluate the potential risks of proposed role allocations. As access control solutions advanced, they incorporated additional features such as User Access Reviews and role provisioning. The introduction of the Business Role concept facilitated role provisioning. A Business Role functions similarly to an SAP Composite Role, serving as a data container for a group of roles (from multiple SAP systems). When a user is assigned a Business Role, they automatically inherit all the roles associated with that specific Business Role.

In most cases, a Business Role provides greater flexibility compared to an SAP Composite Role in access control solutions, allowing for partial assignment. For example, if an accounts payable clerk only needs 80% of the functionalities offered by the ACCOUNTS PAYABLE CLERK Business Role, it can be assigned partially. On the other hand, an SAP Composite Role is less flexible because once it is assigned, all the individual roles associated with it become available to the user. Business Roles can also include roles from multiple SAP systems, where Composite Roles are limited to roles from the one SAP system.

Identity and access management (IAM) solutions were implemented to effectively handle identity management throughout the IT environment and streamline the Joiner-Mover-Leaver procedure. By enabling access provisioning for various systems and solutions, it was anticipated that IAM solutions would overcome previous provisioning difficulties and greatly enhance the efficiency of onboarding and user provisioning. Moreover, IAM solutions also catered for the Business Roles, which surpassed the limitations of access control solution Business Roles restricted to SAP s ystems. IAM solution Business Roles encompass roles from diverse systems, including both SAP and non-SAP platforms.

Utopia? Almost, but not quite.

The integration of access control solutions and IAM solutions has posed significant challenges in practice, hindering organisations from reaping the benefits of a mutually beneficial relationship between risk management and provisioning. Consequently, organisations must decide which solution will handle the overlapping tasks and functions.

Outlined below are some of the functions that can be performed by both access control and IAM solutions:

Selection of the appropriate solution for each function is critical in attaining an organisation’s desired business objectives. Each solution presents its own set of advantages and disadvantages, influenced by factors such as business goals, system and application types, and the number of solutions involved.

For organisations with extensive SAP footprint, effectively managing access risk and maintaining a balance between provisioning efficiencies and access control are paramount. If an IAM solution is chosen to handle overlapping activities, the desired level of access risk management may not be attained. In such cases, utilising the access control solution for provisioning SAP access could yield the desired outcome.

Conversely, if an organisation has a limited SAP footprint and does not require comprehensive SAP access risk analysis, an IAM solution might be sufficient.

The choice of solution depends on the specific needs of the organisation.

Is opting for a hybrid model the right choice?

To achieve a balance between provisioning efficiencies and effective access risk management, one possible approach is to adopt a hybrid model.

For organisations with a significant SAP footprint and a strong focus on access risk management, an access control solution can be implemented to handle all overlapping activities within SAP systems. Simultaneously, an IAM solution can be utilised for all non-SAP systems.

An alternative approach involves utilising the access control solution for designing Business Roles and then replicating them in the IAM solution for provisioning purposes. By defining Business Roles in the access control solution, it becomes possible to leverage historical usage data and access risk information to create suitable Business Roles for specific user groups.

While implementing a hybrid model has certain drawbacks, such as requiring some business users to operate in two separate systems, it can effectively address the organisation’s need for managing SAP access risks while simultaneously improving the efficiency of SAP user provisioning to an acceptable extent.

Conclusion

Every method has its advantages and disadvantages, and there isn’t a single solution that fits every situation perfectly. When deciding, it’s important to take into account your organisation’s requirements, business goals, SAP footprint, and priorities for managing risks.

For optimal decision-making, collaboration between the SAP security and cyber teams is essential. They should engage in discussions and debates for each specific scenario to determine the most suitable solution for the organisation.

A hybrid approach might be the most favourable option, striking a balance between efficient provisioning and effective management of access risks.

Soterion hosts a podcast called ‘SAP Security & GRC’, dedicated to helping organisations on their journey to effective access risk management in SAP.

Soterion’s CEO, Dudley Cartwright covers topics related to SAP security and GRC, providing insights and tips from industry experts as well as his experience over the decades. Episodes are available in audio and video formats and are between 15-40 minutes long. The podcast is available on all major platforms, such as Apple Podcasts, Spotify, Google Podcasts, etc.

Where to find the podcast:


This article is sponsored by Soterion

The post The Evolution of SAP Security, Access Control, and IAM appeared first on InsideSAP Asia.

]]>
https://insidesap.asia/the-evolution-of-sap-security-access-control-and-iam/feed/ 0
Soterion Launches Informative SAP Security and GRC Podcast https://insidesap.asia/soterion-launches-informative-sap-security-and-grc-podcast/ https://insidesap.asia/soterion-launches-informative-sap-security-and-grc-podcast/#respond Sun, 02 Apr 2023 23:00:00 +0000 https://insidesap.asia/?p=13653 Soterion, an industry leader in access risk management, has recently launched a new podcast called ‘SAP Security & GRC’ focused on helping organisations achieve effective access risk management in SAP. Hosted by Dudley Cartwright, the CEO of Soterion and a renowned expert in the field, the podcast covers a wide range of topics related to SAP […]

The post Soterion Launches Informative SAP Security and GRC Podcast appeared first on InsideSAP Asia.

]]>
Soterion, an industry leader in access risk management, has recently launched a new podcast called ‘SAP Security & GRC’ focused on helping organisations achieve effective access risk management in SAP. Hosted by Dudley Cartwright, the CEO of Soterion and a renowned expert in the field, the podcast covers a wide range of topics related to SAP security, compliance, and industry news.

The podcast features interviews with experts from the SAP community who share their experiences and knowledge on topics such as identity and access management, SAP security controls, audit, and compliance. The discussions are informative, engaging, and accessible to both technical and non-technical listeners, with episodes available in audio and video formats and ranging from 15 to 40 minutes long.

One of the key features of the podcast is its focus on practical tips and solutions for SAP security and compliance. Listeners can expect real-world scenarios and actionable advice on how to address common challenges faced by SAP users.

The podcast is a valuable resource for Governance, Risk, and Compliance practitioners working in the IT or Finance departments of organisations running SAP. Whether you are a security consultant, an IT manager, or a business owner, you will find the podcast to be a valuable resource for improving your SAP security posture.

Listeners can access the podcast on all major platforms such as Apple Podcasts, Spotify, Google Podcasts, and more. To stay up to date with new episodes, visit Soterion’s website to subscribe and receive notifications. Additionally, viewers can watch the episodes on Soterion’s YouTube channel and subscribe to receive notifications of new uploads.

Soterion’s SAP Security & GRC podcast is a must-listen for anyone interested in SAP security and compliance. With its expert guests, practical advice, and insightful discussions, the podcast provides a wealth of information and knowledge that will help you stay ahead of the curve in the fast-evolving world of SAP security.

Take Me to the Podcast

  • Visit Soterion’s website and subscribe to receive notifications of new episodes: https://soterion.com/podcast/
  • Watch the episodes on Soterion’s YouTube channel and subscribe to receive notifications of new uploads.
  • Alternatively click here to find the link to the podcast on your platform of choice or type ‘SAP Security & GRC’ in your Podcast app and follow to receive notifications of new episodes.

This article is sponsored by Soterion

The post Soterion Launches Informative SAP Security and GRC Podcast appeared first on InsideSAP Asia.

]]>
https://insidesap.asia/soterion-launches-informative-sap-security-and-grc-podcast/feed/ 0
SAP plans to layoff 3,000 employees and plans to sell Qualtrics https://insidesap.asia/sap-plans-to-layoff-3000-employees-and-plans-to-sell-qualtrics/ https://insidesap.asia/sap-plans-to-layoff-3000-employees-and-plans-to-sell-qualtrics/#respond Thu, 26 Jan 2023 22:36:54 +0000 https://insidesap.asia/?p=13529 SAP SE plans to layoff 3,000 employees worldwide as part of the global restructuring currently underway in the tech sector. SAP is also exploring a sale of it’s Qualtrics division which it acquired 4 years ago. Unlike most tech companies, especially the FANG companies, SAP did not expand extensively during the pandemic. SAP disclosed alongside […]

The post SAP plans to layoff 3,000 employees and plans to sell Qualtrics appeared first on InsideSAP Asia.

]]>
SAP SE plans to layoff 3,000 employees worldwide as part of the global restructuring currently underway in the tech sector. SAP is also exploring a sale of it’s Qualtrics division which it acquired 4 years ago. Unlike most tech companies, especially the FANG companies, SAP did not expand extensively during the pandemic.

SAP disclosed alongside its fourth-quarter earnings that it intended to begin a “targeted restructuring program in selected areas of the company” that would affect about 2.5% of its employee base. Commenting in the earnings call after the release of the quarter’s earnings, Chief Executive Christian Klein said

“While we know these changes are necessary, it is never easy to make decisions that affect our colleagues in this way”

SAP explains that the restructuring is meant to “further focus on strategic growth areas by aligning our operating models and go-to-market approach with our accelerated cloud transformation.”

With respect to Qualtrics sale, Mr. Klein indicated

“SAP believes that this potential transaction could unlock significant value for both companies”

Shares of Qualtrics were up nearly 30% in midday trading Thursday and were trading at $15. Shares of SAP were off about 2% and were trading at $114 on the New York Stock Exchange (NYSE).

30 day stock performance of SAP and Qualtrics

Layoff statistics amongst tech companies

  • Amazon – 18,000
  • Google – 12,000
  • Meta (FaceBook) – 11,000
  • Microsoft – 10,000
  • Salesforce – 8,000
  • Cisco 4,100
  • IBM – 3,900
  • SAP – 3,000
  • Crypto.com 2,000

The post SAP plans to layoff 3,000 employees and plans to sell Qualtrics appeared first on InsideSAP Asia.

]]>
https://insidesap.asia/sap-plans-to-layoff-3000-employees-and-plans-to-sell-qualtrics/feed/ 0
Mitigate 5 Key Business Risks with an Access Control Solution https://insidesap.asia/soterion/ https://insidesap.asia/soterion/#respond Thu, 12 Jan 2023 06:14:17 +0000 https://insidesap.asia/?p=13496 One of the key takeaways from a recent IDC Vendor Spotlight, sponsored by Soterion is the following – Access control is central to the management of key business risks. This article is an excerpt taken from the IDC Vendor Spotlight detailing IDC’s views summarised as 5 key business risks that access control solutions can help […]

The post Mitigate 5 Key Business Risks with an Access Control Solution appeared first on InsideSAP Asia.

]]>
One of the key takeaways from a recent IDC Vendor Spotlight, sponsored by Soterion is the following – Access control is central to the management of key business risks.

This article is an excerpt taken from the IDC Vendor Spotlight detailing IDC’s views summarised as 5 key business risks that access control solutions can help manage.

5 Key Business Risks

  1. Financial

Financial processes must be designed to prevent fraud by those inside the business. Segregation of duties is a key technique to protect against fraud, the principle being that transactions must always require action from two or more staff, making it extremely difficult for an individual to commit fraud and more errors are likely to be picked up.

  1. Reputational

Organisations must protect their reputation among customers and investors. The failure of risk management processes can have a big impact on the reputation of a business as well as direct financial losses or legal repercussions.

In Europe, a series of corporate scandals and failures have made the public aware of the fact that not all businesses meet the standards required of them, reducing trust in the business in question. This loss of trust can have a material impact on brand value and the share price of listed companies.

  1. Regulatory

Applying processes that manage risk goes beyond good business practice. All businesses are legally required to comply with regulations determined by the jurisdictions in which they operate. Organisations in certain industries such as financial services and pharmaceuticals must adhere to a specific set of regulations driven by the types of products they develop and sell.

Auditors will check compliance with these regulations. Critically, it is not enough for an organisation to show that no failures occurred; regulators and auditors must see that robust processes are in place to ensure continued compliance.

  1. Privacy

An example of a set of regulations that apply to all organisations in Europe are those set out in the General Data Protection Regulations (GDPR). All businesses that operate in Europe must treat personal data in line with a set of rules that control the way data is collected and consent for its use, storage, and retention is handled. There are serious penalties for organisations that breach these regulations.

  1. Access Control

Processes designed to mitigate financial, reputational, and legal risks are the first part of the solution; access control is the second. The effectiveness of business processes is contingent on the correct people actioning each step of the process. Risk management is ultimately in the hands of people who must perform the role defined for them precisely. Individuals with access rights to systems that are too broad may find they are able to circumvent or compromise processes designed to protect the business.

Compliance is a Complex and Evolving Challenge

The CFO is the primary owner of risk management, answerable to the board, and holding a personal legal responsibility. In Europe, the regulatory burden has been rising as the EU in particular seeks to protect consumers and investors and reduce systemic risks in certain industries.

The financial crisis of 2008 in particular triggered a wave of new regulations. CFOs had to respond quickly and received investment to upgrade systems and processes to meet emerging requirements, but in most cases, compliance was achieved by adjusting existing systems to meet the new requirements of regulations such as MIFID, IFRS, and SOX.

Is your access control solution working for you?

It’s worth revisiting your access control processes to ensure they’re keeping up with changing regulations and best practices. Get in touch with one of Soterion’s SAP security consultants to explore how we can help solve your GRC objectives.

More about Soterion

Soterion is an international leading provider of governance, risk, and compliance solutions for organisations running SAP. Soterion’s user-friendly GRC solutions provide in-depth access risk reporting to allow organisations to effectively manage their access risk exposure.

Soterion is passionate about simplifying the governance, risk, and compliance processes, with a focus on translating this complexity into a business-friendly language to enhance better decision making and business accountability. Email info@soterion.com for more information.

Download the full IDC Vendor Spotlight

Source: IDC Vendor Spotlight, Sponsored by Soterion, Soterion: Managing Risk and Ensuring Compliance Through Application Access Management, Doc. #EUR148915922, March 2022

Original article published on Soterion’s Website

The post Mitigate 5 Key Business Risks with an Access Control Solution appeared first on InsideSAP Asia.

]]>
https://insidesap.asia/soterion/feed/ 0
Streamline Test Data Management and Drive Efficiencies in SAP Processes https://insidesap.asia/streamline-test-data-management-and-drive-efficiencies-in-sap-processes/ https://insidesap.asia/streamline-test-data-management-and-drive-efficiencies-in-sap-processes/#respond Sun, 27 Nov 2022 20:00:00 +0000 https://insidesap.asia/?p=13447 The success of new or modernized software depends on the processes followed by development teams to ensure successful, bug-free deployment in a live environment. Factoring Test Data Management early on in the dev cycle takes the heat off the QA team at the final stage. It also improves developer productivity, ensures security of production data, […]

The post Streamline Test Data Management and Drive Efficiencies in SAP Processes appeared first on InsideSAP Asia.

]]>
The success of new or modernized software depends on the processes followed by development teams to ensure successful, bug-free deployment in a live environment. Factoring Test Data Management early on in the dev cycle takes the heat off the QA team at the final stage. It also improves developer productivity, ensures security of production data, lowers costs, and shortens time-to-market.

Drive Efficiency and Provide Value in your SAP DevOps Journey

Users struggle with timelines due to the time spent in copying full production databases, executing a system refresh and validating data within the SAP landscape. A growing production database may also lead to further technical difficulties, which are exacerbated if the team has to deal with insufficient and poor quality data. This leads to lengthy development cycles and unsatisfactory results in the live environment. Organizations need high-quality data that is current and relevant when creating test environments on SAP. Conventional tools often replicate too much test data as well, costing IT valuable time and infrastructure resources. Qlik Gold Client improves the quality of data of non-production SAP environments by matching it to the actual production data. You can copy good quality data into the system and over time help restore the development life cycle. It will also reduce the associated risks that can occur when an excessive number of transports are released while following the traditional data copy process. This speeds up the testing process and lowers the outflow on infrastructure resources. The end result is a streamlined testing cycle with higher developer productivity and a firm check on the storage footprint of non-production data.

Benefits of Qlik Gold Client for Agile Data Management

  • Qlik Gold Client lets users copy both master and/or transactional data from one SAP client into another in a highly selective manner.
  • Data copies do not require any downtime
  • Additional hardware is not required
  • Entirely within own SAP namespace
  • Export once, import many
  • Assign roles—like admin, developer, testing, security—to let users access very specific functions

Work with Production or Non-production Data in Various Situations

Qlik Gold Client is used for various scenarios including production support, shorten test cycles, reduce infrastructure costs, mask confidential information when it leaves production, work with S4/HANA POC and enable SAP teams to move data faster in DevOps, divestiture and transformations to adhere to GDPR security regulations. In each scenario, Qlik Gold Client lets developers:

  • Quickly select and copy relevant production or non-production data for testing purposes.
  • Copy production data related to a support issue into a lower-level system which would allow users to troubleshoot and perform root cause analysis.
  • Copy real data for training purposes rather than create the training data sets manually.
  • Protect sensitive data—such as personally identifiable information (PII), tax IDs, bank account numbers, etc—by masking so that it is not at-risk in lower-level systems.

No registration required.

This page is sponsored by Qlik

The post Streamline Test Data Management and Drive Efficiencies in SAP Processes appeared first on InsideSAP Asia.

]]>
https://insidesap.asia/streamline-test-data-management-and-drive-efficiencies-in-sap-processes/feed/ 0
SNP’s EXA launches new Product Carbon Footprint solution for SAP ecosystem to drive ESG https://insidesap.asia/snp-exa-launches-new-product-carbon-footprint-solution-for-sap-ecosystem-to-drive-esg/ https://insidesap.asia/snp-exa-launches-new-product-carbon-footprint-solution-for-sap-ecosystem-to-drive-esg/#respond Thu, 13 Oct 2022 01:00:00 +0000 https://insidesap.asia/?p=13317 Pioneering solution to forward the Environment, Social, Governance (ESG) agenda for the SAP ecosystem Data-driven approach to decarbonising global value supply chains Democratisation of data enables sustainable, intelligent enterprises Product to enhance SNP’s growing analytics portfolio Heidelberg, Germany | Singapore, October 13, 2022 – EXA is an SNP company and leading provider of transformation solutions […]

The post SNP’s EXA launches new Product Carbon Footprint solution for SAP ecosystem to drive ESG appeared first on InsideSAP Asia.

]]>
  • Pioneering solution to forward the Environment, Social, Governance (ESG) agenda for the SAP ecosystem
  • Data-driven approach to decarbonising global value supply chains
  • Democratisation of data enables sustainable, intelligent enterprises
  • Product to enhance SNP’s growing analytics portfolio
  • Heidelberg, Germany | Singapore, October 13, 2022 – EXA is an SNP company and leading provider of transformation solutions in financial management that focuses on the areas of operational transfer pricing and global value chains. Now, SNP has announced the launch of EXA’s next-generation Product Carbon Footprint solution: SNP PCF is a cradle-to-gate solution that builds a global bill of material for each product based on finance and logistics data from source SAP ERP systems. This allows to assign carbon emissions to the most granular level of activities such as procurement of each material from external suppliers as well as every value-added activity within the company.

    Gerald Faust, MD & CEO, Asia Pacific Japan and Middle East, SNP, says,

    “SNP PCF is a new milestone in the continued expansion of SNP’s software portfolio in the SAP environment, which already includes data transformation, data management and analytics. With the new solution, SNP is contributing to the world’s target of reducing the carbon footprint by 45 percent and achieving net zero by 2050.”

    Divya Vir Rastogi, CEO and co-founder of EXA, adds, “there is an urgent need for manufacturers to address the challenge of decarbonisation. Proper carbon footprint determination and management not only happens at the level of single products, but down to the level of each individual material and production activity. Only then, carbon emissions can be assigned correctly and rolled up to the product level. While carbon emission values can be secured from suppliers or from LCA databases, companies can assign actual emission values to various activities. Most industry sectors struggle with getting reliable and verifiable data to build global bill of materials to quantify CO2 emissions for their products. SNP PCF delivers the data they need and helps quantifying greenhouse emissions associated with products.”

    About SNP

    SNP is a world-leading provider of software for managing complex digital transformation processes. Instead of traditional IT consulting in the ERP environment, SNP offers an automated approach using specially developed software: The Data Transformation Platform CrystalBridge(R) and the SNP BLUEFIELDTM approach allow companies to restructure and modernize their IT landscapes much more quickly and securely as well as migrate to new systems or cloud environments more securely. This gives customers clear qualitative advantages while at the same time reducing their time and costs.

    The SNP Group has around 1,300 employees worldwide. The company is headquartered in Heidelberg, Germany, and generated revenues of around EUR 167 million in the 2021 fiscal year. It serves multinational companies in all industries. SNP was established in 1994, went public in 2000, and has been listed in the Prime Standard segment of the Frankfurt Stock Exchange since August 2014 (ISIN DE0007203705). Since 2017, the company has been trading as a European company (Societas Europaea/SE).

    The post SNP’s EXA launches new Product Carbon Footprint solution for SAP ecosystem to drive ESG appeared first on InsideSAP Asia.

    ]]>
    https://insidesap.asia/snp-exa-launches-new-product-carbon-footprint-solution-for-sap-ecosystem-to-drive-esg/feed/ 0
    SAP Access Risk Management: Soterion Featured as a Solutions Provider https://insidesap.asia/sap-access-risk-management-soterion-featured-as-a-solutions-provider/ https://insidesap.asia/sap-access-risk-management-soterion-featured-as-a-solutions-provider/#respond Sat, 08 Oct 2022 01:01:34 +0000 https://insidesap.asia/?p=13302 Leading IT market research and advisory firm IDC, has outlined benefits, as well as challenges associated with SAP access risk management, and actions required to drive improvement in access control in a recent IDC Vendor Spotlight, sponsored by Soterion. In this article, we look at the key challenges associated with SAP access risk management, as outlined […]

    The post SAP Access Risk Management: Soterion Featured as a Solutions Provider appeared first on InsideSAP Asia.

    ]]>
    Leading IT market research and advisory firm IDC, has outlined benefits, as well as challenges associated with SAP access risk management, and actions required to drive improvement in access control in a recent IDC Vendor Spotlight, sponsored by Soterion.

    In this article, we look at the key challenges associated with SAP access risk management, as outlined by IDC, and how Soterion’s software can assist with overcoming these challenges.

    Read or download the full IDC Spotlight

    Three key challenges associated with SAP access risk management

    1. SAP access management is highly complex and is difficult to maintain as business, processes, and regulations change

    Managing SAP access rights is highly complex due to the vast array of process and role configurations that organisations can and do utilise within their SAP applications. As organisations evolve and adopt new applications, the burden of managing access rights only increases, leading to increased costs and risks, particularly the chance of audits identifying control weaknesses resulting from SAP access irregularities.

    Staying on top of SAP access rights is a challenge due to the vast number of possible access permutations and the rate at which they must be updated to keep up with organisational change. The rate of business transformation and pace of regulatory change will only increase, so organisations must find a way of preventing increased SAP access risk becoming a product of this environment.

    2. Poor access management can lead to compromised processes that present a business risk and audit failures

    Poor access management is most likely to be identified either during a statutory or internal audit, as these audits set out to identify weaknesses in an organisation’s processes that present a risk to the organisation and its various stakeholders, customers, and suppliers.

    But, as the IDC Spotlight points out, the cost of poor access management extends beyond the risk of fraud and the cost of remediation. Incorrect access rights can be the root cause of an array of process inefficiencies, where users underutilise the technology available to them as they are unable to fully capitalise on it.

    Where SAP users do not have the correct access, businesses can experience downtime (end-user waiting for appropriate access) as assigning new access and getting the necessary approvals from line managers and risk owners can take time. There is also a link between access rights and software licensing. Over-allocated access can lead to paying for more licenses than what is required by the organisation.

    3. SAP access management is technical in nature, but access decisions are best made by risk owners and line managers

    SAP ERP manages access via the transaction code, which is assigned to an SAP role. The SAP role in turn is assigned to the SAP user.

    This sounds reasonable and straight-forward, but vast dimensions of typical SAP installations mean that it is not:

    • Over 140,000 transaction codes in SAP ECC
    • Thousands of users that are not easily aggregated into roles with identical or highly similar access needs
    • Often multiple legal or geographic entities with separate SAP installations and separate access management needs
    • Frequent changes in access management requirements due to reorganisations, spin-offs, consolidations, changes in business scope, etc.

    Despite this technical nature, IDC says this shouldn’t be left to the technical experts alone.

    Access management responsibilities must be shared between the IT function and the process owners and managers. Business process owners are best placed to determine the rights required to execute a task within the relevant compliance rules, while managers are best placed to allocate roles to the individuals they manage.

    Importantly, these business owners will be able to proactively manage and maintain access rights within their domain, given the right tools. This helps move access management from an annual reactive activity toward being an exercise in continuous compliance.

    Empowered business owners will be able to map processes, identify weaknesses, and implement improvements. Understanding precisely how individuals interact with SAP processes enables organisations to apply the principle of least privilege to each member of staff, reducing risk without harming productivity.

    SAP access must be managed proactively, and to do this a tool is required to monitor, interpret, and optimise each user’s access as it pertains to their role.

    In the IDC Vendor Spotlight, IDC profiles Soterion as an SAP access management solution that helps business managers understand, implement, and monitor access to SAP, reducing risk and improving efficiency.

    Here’s what they had to say about Soterion:

    Soterion software tackles the challenge of the changing nature of SAP access rights – with an access management solution that helps business users see how users utilise their access in practice and highlights the business implications of poorly configured access rights.”

    The work that Soterion has done to convert technical access rights data into insights that business decision-makers can understand and monitor continuously will help access management become proactive, rather than something to be tackled periodically ahead of an audit.”

    IDC highlighted some of the standout features of Soterion’s solutions including its:

    Business-centric design

    “Decisions regarding SAP access are best made by those that understand the business context in which processes and the staff who interact with them operate. Soterion’s tool helps visualise the relationship between access rights and business processes, highlighting weaknesses in a way that managers can quickly comprehend. The power of this tool is that it puts control in the hands of those best placed to make decisions.”

    Reporting capabilities

    “A key differentiator of Soterion is its reporting capabilities, which illustrates access risks in business process flow diagrams.”

    Simplified language

    “For business users that are not SAP transaction code experts, it simplifies understanding where in the business process the conflicting access resides. By converting the technical GRC language into a language the business users can understand, can help in making better decisions and making business users more involved and accountable in the process. Ultimately, this can improve the overall capability of the organisation to manage its risk.”


    Take your SAP access risk management to the next level?

    Get in touch with one of Soterion’s SAP security consultants for advice or feel free to email info@soterion.com to discuss your organisation’s GRC needs.

    This article is sponsored by Soterion

    The post SAP Access Risk Management: Soterion Featured as a Solutions Provider appeared first on InsideSAP Asia.

    ]]>
    https://insidesap.asia/sap-access-risk-management-soterion-featured-as-a-solutions-provider/feed/ 0
    Streamline your SAP test data management and SAP modernization initiatives https://insidesap.asia/qlik/ https://insidesap.asia/qlik/#respond Mon, 19 Sep 2022 21:00:00 +0000 https://insidesap.asia/?p=13259                                                                  Qlik Gold Client helps you improve the availability, security and quality of data in your non-production SAP environments, thereby increasing developer productivity while maintaining referential […]

    The post Streamline your SAP test data management and SAP modernization initiatives appeared first on InsideSAP Asia.

    ]]>
     
    Request Demo                                                             Watch Video

    Qlik Gold Client helps you improve the availability, security and quality of data in your non-production SAP environments, thereby increasing developer productivity while maintaining referential data integrity and reducing storage requirements.

    • Streamline test data management
    • Powerful data masking
    • Impressive data subsetting
    • Use with BW or BW on HANA
    • Support data privacy compliance
    • Facilitate business divestitures
    • Enable SAP HANA modernization

     

     

     

     

     

     

     

     

     


    About Qlik

    This page is sponsored by Qlik

    The post Streamline your SAP test data management and SAP modernization initiatives appeared first on InsideSAP Asia.

    ]]>
    https://insidesap.asia/qlik/feed/ 0
    See Qlik Data Integration and Analytics in Action with AWS https://insidesap.asia/see-qlik-data-integration-and-analytics-in-action-with-aws/ https://insidesap.asia/see-qlik-data-integration-and-analytics-in-action-with-aws/#respond Thu, 18 Aug 2022 03:52:32 +0000 https://insidesap.asia/?p=10846 Learn how you can automate continuous delivery of real-time, analytics-ready data into AWS Data Warehouses or Data Lakes and make it easily accessible through a governed catalogue. Request a demo and talk with our solution experts, and learn how you can do more with Qlik and AWS, including: Real-time data for analytics in AWS Automated SAP data analytics […]

    The post See Qlik Data Integration and Analytics in Action with AWS appeared first on InsideSAP Asia.

    ]]>

    Learn how you can automate continuous delivery of real-time, analytics-ready data into AWS Data Warehouses or Data Lakes and make it easily accessible through a governed catalogue. Request a demo and talk with our solution experts, and learn how you can do more with Qlik and AWS, including:

    • Real-time data for analytics in AWS
    • Automated SAP data analytics in AWS
    • Mainframe modernization with AWS
    • Agile data warehouse automation for Redshift
    • Data Lake ingestion and automation
    • Analyse Data in AWS with Qlik Sense

    See Qlik and AWS In Action


    About Qlik

    VINCI Energies: Using Qlik Gold Client™ to Carry Out a Large-Scale Migration Project

    In 2018, VINCI Energies carried out one of the most significant Global S/4HANA migrations. The project was recognized by SAP as one of the most innovative projects of 2018. VINCI Energies also received an SAP Innovation trophy in 2019. Watch this video to find out how this leading company has developed a clear strategy with Gold Client, to carry out a large-scale migration project.

    Data is the new Gold for Lenovo’s Strategic Advantage

    Learn how Qlik enables Lenovo to discover insights faster and helps sales and operations teams deepen customer relationships.

    This page is sponsored by Qlik

    The post See Qlik Data Integration and Analytics in Action with AWS appeared first on InsideSAP Asia.

    ]]>
    https://insidesap.asia/see-qlik-data-integration-and-analytics-in-action-with-aws/feed/ 0
    How a Luxury Retailer Uses Near Real-time Data to Improve Customer Service and Grow Market Share https://insidesap.asia/how-a-luxury-retailer-uses-near-real-time-data-to-improve-customer-service-and-grow-market-share/ https://insidesap.asia/how-a-luxury-retailer-uses-near-real-time-data-to-improve-customer-service-and-grow-market-share/#respond Wed, 13 Jul 2022 23:00:00 +0000 https://insidesap.asia/?p=13072 Combining SAP and Google BigQuery for Success Access to vital SAP data Founded in Germany in 1881, the luxury department store Breuninger is one of Germany’s most successful fashion and lifestyle businesses. With 5,500 employees, it offers 1,200 brands across 13 department stores in Germany and Luxembourg and an online storefront in Austria, Germany and […]

    The post How a Luxury Retailer Uses Near Real-time Data to Improve Customer Service and Grow Market Share appeared first on InsideSAP Asia.

    ]]>
    Combining SAP and Google BigQuery for Success

    Access to vital SAP data

    Founded in Germany in 1881, the luxury department store Breuninger is one of Germany’s most successful fashion and lifestyle businesses. With 5,500 employees, it offers 1,200 brands across 13 department stores in Germany and Luxembourg and an online storefront in Austria, Germany and Switzerland.

    Breuninger’s primary aim is to preserve and expand its market share by delivering excellent customer service. However, identifying customer needs and acting quickly with marketing campaigns relies on gaining real-time access to large amounts of data tied up in its SAP systems. The data access was problematic because traditional Extract, Transform, Load (ETL) processes require a lot of labor-intensive manual scripting and are prone to human error. Inaccurate and untrusted data is delivered when engineers add new data sources to brittle ETL pipelines.

    Breuninger’s fragmented technology stack further complicated access to vital data, with many silos such as CRM, ERP, billing, inventory and POS, all with their sources and requirements. “SAP holds data on many corporate functions and also our 60-year-old Breuninger Card – a loyalty program built around an SAP sub-module,” says Matthias Krenzel, Head of Data Platform Services, Breuninger.

    “One of our unique challenges was to get that data out of SAP faster because our CRM team needs close to real-time data to drive its campaigns. The key was how quickly after purchase we could enable customers to share their insights on what they had just bought, and that meant getting the data out of SAP as fast as possible.”

    Quicker data pipeline builds

    Breuninger decided to use BigQuery, Google Cloud’s fully managed enterprise data warehouse. BigQuery’s data security features make it ideal for the sensitive datasets held in SAP systems; it can accommodate both SAP and non-SAP data and easily integrates with SAP.

    The missing component for near real-time data access was a tool to transfer data from SAP to BigQuery efficiently. Already a satisfied user of Qlik analytics software, Breuninger chose the open, end-to-end Qlik Data Integration platform featuring Qlik Replicate.

    “Having our warehouse based on BigQuery, we wanted tight integration with the existing stack,” adds Matthias. “We did not want to start from scratch and needed a solution that would leave us free to concentrate on our core competency of serving the customer.”

    For a proof of concept (POC), Breuninger set up SAP as the data source, and the initial target was a PostgreSQL database in Google Cloud and from there on to BigQuery. In the POC Qlik’s engineers set up the pipelines in just a few hours, and the POC revealed that data delivery was as near real-time as possible. Qlik Replicate allows Breuninger to integrate SAP data with other data from various sources across the company then consolidate it all in BigQuery.

    Near real-time data for sound decisions

    Continuous end-to-end availability of analysis data, automated processes and Qlik’s Change Data Capture (CDC) technology enables the company to deliver faster data for decision-makers. Decreasing daily SAP demands also means it can reduce money spent on external SAP contractors.

    “The Qlik solution automatically carries over any schema changes at the source to the target and is nearly maintenance-free, to the point that I would say it’s the least maintenance-intensive pipeline we run,” says Matthias. “When I didn’t get any error messages, I had to keep checking that Replicate was still working. It was!”

    Looking to the future, Breuninger plans to add new SAP data sources for new use cases and is now looking to extend the use of the Qlik Data Integration platform to other source systems beyond SAP. It is also looking at CDC for other on-prem relational databases.

    “Effective use of data analytics in real-time to address customer needs is a critical part of our business as a modern retailer,” concludes Matthias. “With Qlik Data Integration automating the flow of data from SAP and various other systems into BigQuery, we’re confidently able to respond to market changes with the timely data we need for good business decisions.”


    This article is sponsored by Qlik

    The post How a Luxury Retailer Uses Near Real-time Data to Improve Customer Service and Grow Market Share appeared first on InsideSAP Asia.

    ]]>
    https://insidesap.asia/how-a-luxury-retailer-uses-near-real-time-data-to-improve-customer-service-and-grow-market-share/feed/ 0