Xpandion is joining forces with best-of-breed ERP data security leader, Appsian. Together, we will revolutionize how organizations protect their sensitive business data and ensure segregation of duties. For 14 years, Xpandion has been on a mission: to help organizations create…
Lately, I have received a flood of calls regarding GDPR asking why we have not published anything on the subject yet. The latest call was from a senior consultant in one of the Big-4 firms asking what Xpandion’s stance is…
When you are a SAP security person, responsible for managing access control for all employees in the organization, you hold a very powerful position. In comparison to programmers who have a lot of control over their specific work, the authorization…
In the past couple of years Xpandion has been involved in creating and integrating self- service user portals. Customers either wanted to use Xpandion’s self-service user portals, or they needed integration between ProfileTailor Dynamics’ portal and their own user portal.…
We recently met with a few of our global customers as well as prospective clients, and we were able to gain a great deal of insight regarding one of the most talked about topics, segregation of duties. Some of the…
One of our partners recently told us a story. A potential customer whose business management and SAP audit team LOVED our product – loved the feature that grants authorizations automatically in multiple systems, the feature that alerts managers to risky…
You Can Continue to Copy Users in SU01, but be Smart about it! How does your organization create user accounts for new employees? How do you grant authorizations? Most organizations use the method of copying an existing user account, slap…
This blog discusses in short, four effective methods that give high value to security managers by reducing manual work and simultaneously increasing security levels. The idea for this blog came from speaking with senior SAP security individuals, CISOs as well…
How do you choose the best single authorization role to grant a user who has just sent a request for additional authorizations? This is a complicated process for most organizations as there are thousands of roles that exist. Even if…
SoD (Segregation of Duties) and GRC (Governance, Risk, and Compliance) experts are vital members of any publicly traded organization that relies on SAP. In the long run it can be a rewarding and lucrative position that greatly influences the procedures…