When SAP® users get sleepy
“Dormant” SAP usersSome licensing-optimization tools for SAP, including ProfileTailor LicenseAuditor claim that they can identify “dormant user accounts”. Some customers don’t understand what this...
View ArticleOffice Space- A funny movie about hackers or a real life security threat?
Though most SAP programmers are reliable, serious professionals, there are a few who are intent on harming their organizations – and because of these few, we are rightfully afraid of the power of SAP...
View ArticleConcurrent Licenses
Although this topic may generate a lot of excitement among some of you – it's not a formal SAP licensing type (yet). However, it might make sense to consider it, since using LicenseAuditor, we often...
View ArticleHow to Become a Successful Security/Authorization Manager
The more Security and SAP Licensing Managers that Xpandion works with, the more confirmation we receive that there is a distinct difference in the actions taken by successful managers vs. unsuccessful...
View ArticleOptimize Licensing Costs. Increase Security
Increased licensing costs. Security. Breaches. Hackers. Budget cuts. Downsizing.These are amongst some of the most worrying words that enterprises and managers can hear. And, yet, they are a part of...
View ArticleControl GRC and Segregation of Duties in your Organization – It’s your Duty!
Companies of all kinds and sizes are focusing more and more on finding the most adequate GRC (Governance, Risk, and Compliance) and SoD (Segregations of Duties) solutions.Why? Failure to comply with...
View ArticleHooray! We Caught a Thief!
This is a true story from last week – an Xpandion expert received a phone call from one of our European clients, claiming they just received a High Risk Irregular Behavior alert pertaining to...
View ArticleWho Authorized It?!
Who authorized it is definitely the most asked question following a fraud event or leakage of information. Although access to information is conducted and controlled through authorizations, this is...
View ArticleHow Responsible Are You?
When it comes to requesting and granting authorizations, I found that in many companies the process is performed manually – via email – as follows:User sends email to IT requesting additional...
View ArticleThe Concept of Isolation
In order to manage a Segregation of Duties project successfully, it is essential that you eliminate business risk across your organization. To accomplish this you need to implement a comprehensive...
View ArticleGet Rid of Power Users Once and For All
Organizations have Power Users in all systems (at least I have not yet come across an organization without them). Power Users hold a vast amount of authorizations, or even full authorizations in...
View ArticleIf It Ain’t Broke, Don’t Fix It
I, for one, feel confident when implementing new software on a client’s server or on our secured cloud; nonetheless I can’t necessarily say the same about the customer... Sometimes I feel that...
View Article3 Standards Every Risk Manager Should Require From Developers
I recently held a conversation with a highly-experienced risk manager from one of our valued customers. As we were discussing the topic of development it dawned on me that this subject is often...
View ArticleThe Adventures of a Bored Programmer
What may be considered by a programmer as just playing around might end up as a security nightmare for a SAP® based enterprise. I actually want this to sound dramatic and grab your attention – I have...
View ArticleDo You Know What to Do In Case of an Emergency?
Emergencies happen. Yes, even in businesses. The ones I’m referring to are related to work processes and ERP security. Ok, so it’s not a fire or flood; still any business must be able to handle...
View ArticleAre We Human or Are We Software
Does the following dialog ring a bell?Auditor: How in the world was activity FS02 (Change G/L Account) not marked as high risk?!Risk Manager:Well… it was marked… but then John told me...
View ArticleDiscover How Simple It Can Be To Manage a Role Catalog
One of your accounting clerks just left on maternity leave (congratulations to Sally). Another employee is replacing her and thus has the new responsibility of performing Invoice Reconciliation (good...
View ArticlePay (Only) As You Use
Pay (only) as you use – innovative approach? Indeed (although we have already recommended a similar approach in SAP licensing by concurrent users, suggesting that companies pay only for the licenses...
View ArticleUnexpected Party in Production
IT activities in most enterprises fall under internal rules and regulations. Transferring objects to the production environment or creating them – is no different. Companies usually have a process for...
View ArticleDoes Your Software Suit You?
When you go to a tailor to purchase a suit, do you prefer a suit that fits you 100%, in size and taste? Or would you rather get a semi-fitted suit, which is not quite your size (baggy…) and only close...
View Article
More Pages to Explore .....