Search

The latest edition of the SAPinsider benchmark report released recently turns its focus towards cloud security trends. With several SAP customers either in the process of migrating to S/4 HANA Cloud or putting it in their future roadmap, cloud security is gaining greater significance. The report puts out some key insights into how SAP customers…

In November 2020, California voters passed Proposition 24, the California Privacy Rights Act (CPRA) (full text here). To be clear, the CPRA does not replace the existing California Consumer Privacy Act (CCPA). Instead, it’s more accurate to describe the CPRA as an amendment of the CCPA, providing additional context and closing some of the ambiguity…

Organizations that use PeopleSoft manage thousands of users. Most of these users have limited roles that only allow them to perform job-related tasks. But there is a subset of users who have been granted access to perform specific actions or access certain information that is restricted to other users. These actions or information may include…

Due to digital transformation initiatives, the risk of exploitation at the application layer continues to increase. Critical applications, including SAP, are migrating to the cloud, connected with third parties, or made remotely accessible, leading to a higher risk of vulnerability exploitation. These changes have made SAP vulnerability management increasingly difficult. SAP security teams are hard…

For some organizations, internal control management is only a periodic, “point-in-time” view of routine financial controls. While completing an ad hoc control assessment might tick the box for some basic compliance exercises, it lacks effectiveness if the actual purpose is to protect organizations from a growing number of internal threats. One of the biggest threats…

Manual Processes are Inefficient and Prone to Human Error Today, re-certifying user access is a long, labor-intensive process that can be prone to human error. The process becomes more challenging when you consider that access certification projects are typically executed in multiple siloed campaigns for each business application. Needless to say, the recertification process remains…

While many organizations rely on SIEM solutions to detect threats that lurk within their IT infrastructure, they are usually blind to user activity within SAP applications. Traditional SIEM tools use defined rules, machine learning, correlation models, and AI to identify relations between the entries and identify anomalies. Unfortunately, this principle cannot be applied to SAP…

Businesses use governance, risk, and compliance (GRC) software to help keep them consistently prepared through effective management of various processes and documentation. A growing sea of regulations including SOX, GDPR, and CCPA provide a compliance challenge for businesses. However, businesses can automate their compliance programs through the use of GRC tools, which helps effectively eliminate…

Granting timely access to new users isn’t always as easy as it sounds, especially for teams relying on spreadsheets, email chains, and other manual processes to ensure that users get the access they need. The tedious and error-prone provisioning process can often take days, resulting in lost time, money, and productivity for your team. With…