Take Your Hands off of SAP T-Code SU01!

In many organizations, the access to the sensitive SAP T-Code SU01 is much wider than needed. Let’s explore why. SU01 is used for different purposes, most commonly to create new user accounts, reset users’ passwords and Lock/Unlock user accounts. System…

Continue Reading

Eliminating the Wrong Guy…

A couple of years ago, we included a “Lock User” button feature into our security product. If you received a “very high” alert, you could log into the system, catch the fraud in action, press the “Lock User” button and…

Continue Reading

The Dreaded SAP_ALL Power Profile

How you can maintain GRC compliance if you have users with dangerous SAP_ALL? The authorization profile, SAP_ALL has such vast amounts of authorizations inside that it is mistakenly known as “the profile that can grant everything in the SAP system”.…

Continue Reading
Page 3 of 3
1 2 3
Close Menu