The following risks are often present but go undetected by security administrators and auditors because they are typically “unusual” cases. This doesn’t mean they aren’t present; they aren’t immediately apparent. Let’s look at some of these! 1. User accounts with critical profiles (SAP ALL and similar) that are inactive or locked but still used in […]

October 5, 2023

Discovering Hidden Risks in SAP Security

contenido 9 AU

The queries made by auditors always give us a headache, either because of the difficulty in finding the right answer or because it forces us to dedicate time that we do not have. That is, a headache always! After reviewing the system with their own software tools, they give us their reports to which we […]

September 15, 2023

How to respond to auditors’ requirements?

contenido 8 AU

Can you imagine having a scanner that allows you to detect vulnerabilities and risks in the privileges assigned to user accounts? Imagine how you could strengthen the security of your SAP system proactively and efficiently: The new CentinelBox service will allow you to proactively take action to resolve them and achieve favourable and beneficial results: […]

August 30, 2023

Scanning Vulnerabilities and Risks in User Accounts, Roles, and Profiles Security in SAP ECC and S/4 HANA

An effective solution to eliminate unused roles and optimize user assignments

Risks in SAP: Are all risks identified, and are we working to resolve them? Are there risks that we are unaware of or that are hidden? In strictest rigor, it is likely that we will never have all risks fully controlled. However, it is imperative to know them all and establish a work plan for […]

June 6, 2023

Identifying Visible and Hidden Risks in SAP.

What should I control? What are the critical variables in SAP security that I should monitor? For executives and CISOs, a red alert is a first level to act upon. As we presented in the previous email, CentinelBox provides reports with color identification in cases where action is required… without the need for a deep […]

May 31, 2023

SAP Security: Controlling Critical Variables

The difficulty faced by executives – and many CISOs – is understanding the logic and high level of data disaggregation required by SAP security privilege definitions and how to trust that there will be no leaks of classified information or fraud in system usage. There are no simple answers. Moreover, considering that annual reviews by […]

May 22, 2023

Unlocking SAP Security: Understanding its Complexity, Mitigating Risks, and Empowering Executives

An effective solution to eliminate unused roles and optimize user assignments

Some people may disagree with this statement, but it is a fact. Internal controls are the processes implemented by companies to ensure their objectives are met. They are the parts of the business process which provide mechanisms that could prevent inaccuracies or frauds, whether they were triggered by mistake or not. Preventive v/s Detective controls  […]

January 19, 2023

Control is always rewarding

Centinel box sap security