SAP® HR Security
Read Access Logging with our SAP® HR Security-tool SAST AT HCM DisplayTrack
SAP® systems are not only the target of external attacks, they are also "attractive" for unauthorized access by internal people. Even if SAP® users protect their valuable HCM data through a sophisticated SAP® role and authorization concept, there are still gaps that internal people can use to gain access.
With a suitable "emergency user concept" , the access, editing, and downloading of data by employees can already be documented in an audit-proof manner, but to date, this has not been possible for the display of data (read access).
This situation is very problematic from a data protection and personnel legislation point of view, because read access to sensitive HR-data cannot be recognized or documented by the SAP®-system. From the point of view of the HR department,
the data protection officer and audit department, a remedy for this must be found. What helps at this point is reliable technical support and supplement to the „SAP® standard system“ that monitors and fully logs the „reading“ of sensitive data.
The logging of read access to SAP® HR-data
With our SAP® HR Securtiy-tool, the SAST AT HCM DisplayTrack, an add-on module for SAST AdminTrack , akquinet is the first SAP®-certified consultancy partner to offer a reliable solution that logs read access to SAP® HR-data of your HCM-system and provides detailed proof of this. In particular, read access to HCM master data in personnel administration is logged.
Gap-free documentation of read access
With the help of our SAP® HR Security-tool, you get meaningful logs that fully document access by privileged users (e.g. SAP® administrators) to sensitive HR-data in your SAP® HCM system.
Scope of logging
Our SAP® HR Security-tool enables logging of the following types of access to SAP® HCM data:
- read access to infotypes using transactions PA10/20/30/40
- documentation of changes to HR infotypes
- documentation of the use of HR reports and queries that use logical database PNP and PNPCE (incl. output of selection parameters)
- attempted read access to HR tables in the PA* area (infotypes)
Currently, only access to SAP® HCM master data with type A (employees) is evaluated. An extension to data type B (applications).
- you protect your HR data against misuse
- you have information about all data access, including read access, in a form that can be used in court
- you have transparency about the behavior of privileged users
- secure protection of valuable data in your SAP® HCM system
- fulfillment of data protection legislation, personnel legislation and internal company requirements
- tried-and-tested, SAP®-integrated solution
- quick to install and easy to adapt to your requirements, if necessary
- security is simply a good feeling
Many companies rely on the SAST security solutions - please ask for further information and our references!
Use our SAP® HR Security-tool SAST AT HCM DisplayTrack to protect your sensitive HR-data of your SAP® HCM-system over the long term!
Our Flyer "SAST AT HCM Display Track" gives you a short overview about functions advantages and usability!
SAST GRC Suite
Get more information about our SAP® Security Tool .
SAP® GRC Consulting
Get more information about our SAP® GRC consulting services .