BLOG

Advice from our experts 

The Three Most Sensitive T-Codes Ever: What Are They?

What are your organization’s top three most sensitive T-Codes, the ones that you’re really careful about granting? You’ve had to think about this before, either during an authorization-inspection project, a GRC project or when asked by an auditor. Can you name the “top three”? I’m sure you can. And I’m


5 Astonishing Truths about GRC in SAP Environments

Here are 5 amazing facts based on our vast experience with SAP customers required to maintain SOX compliance, GRC consultants and auditing firms. 1. The focus is on compensating controls much more than on eliminating risk. …and it should be the opposite. Many people, when they do find an SoD


6 Surprising Facts about SAP Licensing

In recent years there have been many major developments in the field of usage inspection and customers are starting to analyze the true needs of their software investments. Despite this, having performed numerous SAP Licensing assessments, we’re still finding these 6 befuddling occurrences reappearing again and again: 1. No clue


6 Shocking Discoveries about SAP Authorizations

Here are 6 harsh realities that we discovered from our customers:

1. Users are still using SAP_ALL Power Profiles

Although SAP doesn’t recommend using the power profile SAP_ALL, many organizations are still using it. They should definitely not. This authorization profile enables way too much activity. Having power users with


The Curse of the Unused: Z_UNUSED_TCODE and Y_UNUSED_ROLE

In 1914, American judge Louis Brandeis coined the famous quote “Sunlight is said to be the best of disinfectants,” and it has proven to be most accurate in 2014 too. Many of our current and potential clients fear what may be revealed when the light is shined upon them. Some


Do You Understand the Meaning of Behavior-Based Profiling?

Xpandion creates “behavior-based profiling” for business applications. Sounds impressive, huh? However, do you know what it means, exactly? Our customers often understand the benefits of our products: how they save time, increase security and lower costs. However, when it comes to the hows, they go numb. We’ll hear, “Yes, I’m sure it’s all


Take Your Hands off of SAP T-Code SU01!

In many organizations, access to the sensitive SAP T-Code SU01 is much wider than needed. Let’s explore why. SU01 is used for different purposes, most commonly to create new user accounts, reset users’ passwords and lock/unlock user accounts. System Administrators use SU01 to create users and change users’ details,


Eliminating the Wrong Guy…

A couple of years ago, we included a “Lock User” button feature in our security product. If you received a “very high” alert, you could log into the system, catch the fraud in action, press the “Lock User” button and prevent the thief from stealing. Bam… you’re the hero. Well,


The SAP Security Paradox: Irregular User Activity

“How Many Times?” We, and our partners, often ask ourselves that very question after hearing case after case of employee fraud being committed at an enterprise. How many times will these companies endure suspicious activity by their employees before they get the right tool to send them alerts about it?
