Secure your SAP and minimise risks
At Inprosec we have a solid experience in SAP security services and, therefore, we can help you with the implementation of policies and procedures that improve productivity and avoid risks in SAP systems, such as role design, SAP security assessment, identity management and customised projects.
Reduces SAP user accesses that may pose risks or conflicts
We use the best practice methodology to review and create task-based roles, minimize SoD conflicts and guarantee the role model to save time on processes.
SAP® Security Assessment
Check the security level of your SAP® systems
The SAP Security Assessment is an integral security product that Inprosec offers to its clients to provide information on the main risks existing in SAP ® systems.SAP ® systems.
One of the biggest issues regarding Segregation of Duties (SoD) in SAP systems is the lack of information about it. Is it a problem or not? Are the existing risks specific from several departments or process?; etc. Inprosec offers a Risk Analysis to SAP customers in order to provide them with reliable and concise information about SoD Risks.
- To have information regarding SoD Risks in SAP systems.
- To define actions and improvement proposals to reduce SoD Risks in SAP Systems.
The first step to understanding and reducing SoD risks in a SAP system is to know how the Role Model is built and also how it is assigned to users.
Inprosec offers a Role Model Analysis, due to the SoD Risks and the transactional usage, in order to analyze the hypothetical reduction of risks using the current role model or by introducing a comparison against the implementation of a Role Model based on Best Practices.
This service also includes a SoD Risk Analysis because it is necessary to perform a proper Role Model Analysis.
With this service, the company can get an overview of the security level of the SAP Systems, including the following sections:
- Users and passwords.
- IT Sensitive Access Risk Analysis.
- Technical Analysis of Vulnerabilities.
- Security Parameters.
- Performance System Overview.
- Policies and Procedures.
The goal of the Intrusion Test in SAP systems is to compromise them, simulating a cyber attack in order to find out the security weaknesses, both from the targeted platform or from any other surrounding system.
Another major challenge in making SAP systems more secure is designing and developing secure custom applications (commonly called Z).
Inprosec offers a code analysis that helps companies to guarantee that those custom applications do not present security vulnerabilities or performance problems in order to ensure the required quality and regulatory compliance.
With the results from this report, it will be possible to perform specific actions to correct and improve the application performance, in order to satisfy both internal and external audit requirements.
Optimise access management of your SAP® systems
Single Sign On
One of the biggest issues, that affects companies that present multiple SAP systems, is the effort spent in password management. The implementation of a Single Sign On in SAP systems will result in a reduction of the required effort in this task, due to the fact that the user will only need to choose which SAP system wants to access without typing neither his/her SAP user and password.
- Reduction of the time and effort spent in password management (creation and modification).
- Reduction of risks related to the publication of passwords by users.
Implementation SAP IDM
One of the biggest challenges is to achieve an efficient and productive access management process. SAP Identity Management supports companies to centralize identities (one person can have several users under one unique identity). SAP IDM has a free license to use it in SAP systems (however, it is not free for Non-SAP systems).
- Allows the usage of Password Self-Service without the need of other application´s licenses.
- Allows the creation of Approval Workflows previous to the access assignment.
- Creation, Modification and Deletion of users in any system (not only SAP).
- Assignment of accesses based on positions. If an employee promotes to GM, IDM will assign the accesses needed in the required system and will remove the previous ones.
Our expertise and flexibility at your disposal
Due to the adaptability of Inprosec, while doing its projects, there are a lot of them that cannot be directly assigned to any of the business areas described above. These are the most relevant ones:
- Process Automatization (Scripts) through transaction LSMW.
- Setting up of security applications in SAP Solution Manager: EarlyWatch Alert, Service Optimization Service and Configuration Validation.
- Installation of the tool “Read Access Logging”.
- SAP Licensing Audit.