en
In our Power Workshop for SAP Authorizations, we review your existing authorization concept together with you to determine whether it covers current requirements. A key focus is on the aspect of future viability, which we realize through maintainability, efficient functionality and maximum security. Whether your authorizations need a redesign or just a revision and what your path to SAP S/4HANA will look like, we work out on the basis of your individual prerequisites and requirements.
Authorizations in SAP systems form the basis for identity & access management. They enable users to access the applications they need to perform their tasks. Since functional and organizational requirements are subject to change, SAP authorizations must be regularly checked and reworked. This is the only way to ensure that processes are mapped securely and completely correctly from a technical point of view.
In order to identify and minimize risks in authorizations and to assign them correctly via the SAP user lifecycle, the use of supporting solutions from identity & access management is recommended.
Identity Lifecycle Management is part of enterprise security and describes all processes for assigning roles and authorizations - from when an employee joins the company, through changing responsibilities or even department changes, to when he or she leaves.
SAP offers the following solutions for maintaining and managing access rights and users:
These solutions, individually or in combination, enable an efficient and compliant operation of target systems. This includes the detection and minimization of risks as well as the process-based provisioning and removal of users and accesses.
The tools of the SECMENDO product suite extend the capabilities of existing identity & access management (IAM) solutions. The goals are improved user experience, enhanced functionality and more efficient processes.
Redesigning authorizations when switching to SAP S4/HANA or cleaning up existing authorizations on legacy systems − an efficient authorization and role concept is the basis for secure and functional operation of SAP systems.
Together with you, we develop appropriate authorizations for your systems and processes. In workshops with your business departments, we create concepts for assigning employees the rights they need. The goal is to define so-called job roles, which represent job profiles at the job level.
With these methods, we not only help you with the implementation. You can also maintain and manage the solutions yourself afterwards, or you can trust us to run them for you: We call this Customer Success.
To prevent risks, authorizations must be regularly checked and revised. Since an overall view is extremely difficult with a large number of users, the use of add-on solutions is a good idea.
SAP Access Control is a product to identify risks, mitigate risks and automate workflows.
SAP Identity Management focuses on the traceable management and consistent distribution of digital identities throughout their lifecycle - assignment, repeated adjustments, deletion. The solution makes it possible to flexibly map individual workflows so that required user accounts, roles, and authorizations can be assigned in a rule-based and automated manner.
The SAP Cloud Identity solutions enable authentication (IAS), single sign-on (SSO) and provisioning (IPS) against SAP cloud systems. Especially in a hybrid system landscape and in the communication between on-premise and cloud systems, these products enable complete integration.
Break down grown structures and clean up your roles and authorizations in preparation for SAP S/4HANA.
Optimize SAP authorizations and customize SAP roles based on an SAP authorization trace.
Many previously used transactions become obsolete and are dropped. In their place, some new ones will be added and replaced/enhanced by SAP Fiori apps. This inevitably leads to the need to revise authorizations after an upgrade to SAP S/4HANA. To simplify the revision of authorizations, it is strongly recommended to maintain the authorization default values (SU24). This must be done before the upgrade if it has not already been done. This will automatically provide the new transactions with the previous authorization values. The subsequent maintenance effort is significantly reduced.
In addition to the classic authorizations already mentioned, Fiori authorizations must be created for apps. These are added to the roles in the form of tiles and catalogs and assigned to the users. Here, too, it must be ensured that the catalogs and tiles meet the technical requirements and reflect job profiles.
Identity lifecycle management is part of enterprise security and describes all processes for assigning roles and authorizations − from when an employee joins the company, through changing responsibilities or even department changes, to when he or she leaves.
Identity & Access Management solutions, individually or in combination, enable efficient and compliant operation of target systems. This includes the detection and minimization of risks as well as the process-based provisioning and removal of users and accesses.
The tools of the SECMENDO product suite extend the capabilities of existing SAP Identity & Access Management (IAM) solutions. The goals are an improved user experience, enhanced functionality and more efficient processes.
A selection of our customers
