In our previous release, we introduced our solution for enhancing security without being hindered by the ever-present problem of needing to implement changes urgently with limited resources. Now, let’s delve into CentinelBox’s functionality for making mass changes to roles. Challenges that arise: ➡️ During the migration from SAP ECC to S/4 Hana: -> Obsolete transactions […]

July 26, 2023

Agile Solution for Enhancing Security and Streamlining Mass Changes in SAP S/4 Hana

The difficulty faced by executives – and many CISOs – is understanding the logic and high level of data disaggregation required by SAP security privilege definitions and how to trust that there will be no leaks of classified information or fraud in system usage. There are no simple answers. Moreover, considering that annual reviews by […]

May 22, 2023

Unlocking SAP Security: Understanding its Complexity, Mitigating Risks, and Empowering Executives

An effective solution to eliminate unused roles and optimize user assignments

Did you know that there may be zombie profiles within your SAP system? One way to detect fraud or misuse of authorizations is by chance or accident. Once the cause-and-effect is identified and a solution is found, it allows for the development of this tip. In an analysis of used transactions that were not assigned […]

May 8, 2023

Fast Checklist 15: Be careful with zombie profiles in SAP

Some people may disagree with this statement, but it is a fact. Internal controls are the processes implemented by companies to ensure their objectives are met. They are the parts of the business process which provide mechanisms that could prevent inaccuracies or frauds, whether they were triggered by mistake or not. Preventive v/s Detective controls  […]

January 19, 2023

Control is always rewarding

Centinel box sap security

Cybersecurity and the need to secure access from external agents to our network are big issues that could generate concern over time. However, there is not much discussion about the incidents that could be generated internally with no external agents stepping into it*. Below I highlight some examples of the most severe incidents described by […]

January 3, 2023

Cybersecurity and internal trigger events

It is common that investment and SAP system security project development decisions are based on the seriousness of the observations made by the External Auditors in their reviews. In addition, the executive level generally undervalues the auditors’ observations, so it is likely that the lack of action on security is always the same.   The auditors’ […]

January 3, 2023

Are you comfortable with SAP security reports provided by external auditors?