Clik here to view.
When SAP® users get sleepy
“Dormant” SAP usersSome licensing-optimization tools for SAP, including ProfileTailor LicenseAuditor claim that they can identify “dormant user accounts”. Some customers don’t understand what this...
View ArticleClik here to view.
Office Space- A funny movie about hackers or a real life security threat?
Though most SAP programmers are reliable, serious professionals, there are a few who are intent on harming their organizations – and because of these few, we are rightfully afraid of the power of SAP...
View ArticleClik here to view.
Concurrent Licenses
Although this topic may generate a lot of excitement among some of you – it's not a formal SAP licensing type (yet). However, it might make sense to consider it, since using LicenseAuditor, we often...
View ArticleClik here to view.
How to Become a Successful Security/Authorization Manager
The more Security and SAP Licensing Managers that Xpandion works with, the more confirmation we receive that there is a distinct difference in the actions taken by successful managers vs. unsuccessful...
View ArticleClik here to view.
Optimize Licensing Costs. Increase Security
Increased licensing costs. Security. Breaches. Hackers. Budget cuts. Downsizing.These are amongst some of the most worrying words that enterprises and managers can hear. And, yet, they are a part of...
View ArticleClik here to view.
Control GRC and Segregation of Duties in your Organization – It’s your Duty!
Companies of all kinds and sizes are focusing more and more on finding the most adequate GRC (Governance, Risk, and Compliance) and SoD (Segregations of Duties) solutions.Why? Failure to comply with...
View ArticleClik here to view.
Hooray! We Caught a Thief!
This is a true story from last week – an Xpandion expert received a phone call from one of our European clients, claiming they just received a High Risk Irregular Behavior alert pertaining to...
View ArticleClik here to view.
Who Authorized It?!
Who authorized it is definitely the most asked question following a fraud event or leakage of information. Although access to information is conducted and controlled through authorizations, this is...
View ArticleClik here to view.
How Responsible Are You?
When it comes to requesting and granting authorizations, I found that in many companies the process is performed manually – via email – as follows:User sends email to IT requesting additional...
View ArticleClik here to view.
The Concept of Isolation
In order to manage a Segregation of Duties project successfully, it is essential that you eliminate business risk across your organization. To accomplish this you need to implement a comprehensive...
View ArticleClik here to view.
Get Rid of Power Users Once and For All
Organizations have Power Users in all systems (at least I have not yet come across an organization without them). Power Users hold a vast amount of authorizations, or even full authorizations in...
View ArticleClik here to view.
If It Ain’t Broke, Don’t Fix It
I, for one, feel confident when implementing new software on a client’s server or on our secured cloud; nonetheless I can’t necessarily say the same about the customer... Sometimes I feel that...
View ArticleClik here to view.
3 Standards Every Risk Manager Should Require From Developers
I recently held a conversation with a highly-experienced risk manager from one of our valued customers. As we were discussing the topic of development it dawned on me that this subject is often...
View ArticleClik here to view.
The Adventures of a Bored Programmer
What may be considered by a programmer as just playing around might end up as a security nightmare for a SAP® based enterprise. I actually want this to sound dramatic and grab your attention – I have...
View ArticleClik here to view.
Do You Know What to Do In Case of an Emergency?
Emergencies happen. Yes, even in businesses. The ones I’m referring to are related to work processes and ERP security. Ok, so it’s not a fire or flood; still any business must be able to handle...
View ArticleClik here to view.
Are We Human or Are We Software
Does the following dialog ring a bell?Auditor: How in the world was activity FS02 (Change G/L Account) not marked as high risk?!Risk Manager:Well… it was marked… but then John told me...
View ArticleClik here to view.
Discover How Simple It Can Be To Manage a Role Catalog
One of your accounting clerks just left on maternity leave (congratulations to Sally). Another employee is replacing her and thus has the new responsibility of performing Invoice Reconciliation (good...
View ArticleClik here to view.
Pay (Only) As You Use
Pay (only) as you use – innovative approach? Indeed (although we have already recommended a similar approach in SAP licensing by concurrent users, suggesting that companies pay only for the licenses...
View ArticleClik here to view.
Unexpected Party in Production
IT activities in most enterprises fall under internal rules and regulations. Transferring objects to the production environment or creating them – is no different. Companies usually have a process for...
View ArticleClik here to view.
Does Your Software Suit You?
When you go to a tailor to purchase a suit, do you prefer a suit that fits you 100%, in size and taste? Or would you rather get a semi-fitted suit, which is not quite your size (baggy…) and only close...
View Article
