SAP Security is a concept that can and will be defined in many ways.
Depending who you are talking to you will get different answers:
Make sure there is a swift process that creates users when needed and removes them when idle.
SAP Security is all about authorization objects and their values combined in single (master) roles, derived roles and composite roles. Its purpose is to make sure that users are properly equipped to execute their job.
‘Segregation of Duties’
The main purpose of SAP Security is that we make sure there is a rule set that is aligned with our business risks and that we control all SoD’s in our active user community.
Getting the application secured through timely updates and by optimizing system parameters, client settings, password rules, access lists, logging & monitoring is of the utmost importance.
‘Role Based Access Control’
Every user should get a pre-approved role based on his/her function in the organization. Clear ownership needs to be defined in the business
All business rules and controls should be correctly listed, prioritized and coded and all provisioning related processes run themselves.
XL Security knows that each and every description above is true by itself but is not necessarily complete. Every application is as strong as its weakest spot and SAP is no different. I will always advise your company with the big picture in mind but will also be able to focus on one of these topics when needed. SAP Security is a concept which can be affected by high level business decisions but can also be disturbed by ‘nitty gritty’ technicalities. With the end-to-end approach of XL Security you can never go wrong.