Lately, I have received a flood of calls regarding GDPR asking why we have not published anything on the subject yet. The latest call was from a senior consultant in one of the Big-4 firms asking what Xpandion’s stance is…
When you are a SAP security person, responsible for managing access control for all employees in the organization, you hold a very powerful position. In comparison to programmers who have a lot of control over their specific work, the authorization…
In the past couple of years Xpandion has been involved in creating and integrating self- service user portals. Customers either wanted to use Xpandion’s self-service user portals, or they needed integration between ProfileTailor Dynamics’ portal and their own user portal.…
We recently met with a few of our global customers as well as prospective clients, and we were able to gain a great deal of insight regarding one of the most talked about topics, segregation of duties. Some of the…
One of our partners recently told us a story. A potential customer whose business management and SAP audit team LOVED our product – loved the feature that grants authorizations automatically in multiple systems, the feature that alerts managers to risky…
You Can Continue to Copy Users in SU01, but be Smart about it! How does your organization create user accounts for new employees? How do you grant authorizations? Most organizations use the method of copying an existing user account, slap…
This blog discusses in short, four effective methods that give high value to security managers by reducing manual work and simultaneously increasing security levels. The idea for this blog came from speaking with senior SAP security individuals, CISOs as well…
“Leaving us so soon, Mr. Solo?” This famous quote might sound good in the movies, but in a business environment, the event of an employee leaving your company can cause some serious security issues if not treated properly. Let’s talk…
It’s hard to start a career in any field, particularly the highly specialized field of GRC in SAP. The good news is that you know this is a direction you’d like to take. The question is how. I recently read…
The Gate Keeper for SAP Licensing Who’s in charge of SAP licensing in your organization? Is it you? A dedicated Licensing Manager (aka Software Asset Manager, aka SAM)? Maybe it’s the IT manager or the CIO? Someone is doing this…