Blog

Start Here

Get in touch with a
TriCore Solutions specialist

Blog

Blog | Sep 8, 2017

AWS/Cloud Services: WAF Mitigation of Web Application Vulnerabilities

Posted by Dan Robinson

You may think you know about AWS/ Cloud Services but this post will test that theory. Read on for 7 things everyone should know about the tips from the AWS/Cloud Services White Paper (issued July 2017) on using the web application firewall (WAF) to mitigate security flaws.

What is AWS' WAF? WAF is a AWS web application firewall that users will find of practical value in protecting websites and applications from attacks at the HTTP protocol level. AWS developed the White Paper to explain how organizations can adapt the WAF in response to the Open Web Application Security Project's (OWASP) top ten web application vulnerabilities.

Read More

Blog | Jun 26, 2017

Intro to SSAE16

Posted by Prashant Sharma

SOC is a product of AICPA (American Institute of Certified Public Accountants), which provides guidance on these audits. Earlier, this was popularly known as SAS70. SAS70 is no longer valid and has been replaced by SOC 1, SOC2 and SOC 3.

Read More

Blog | Jun 21, 2017

5 Reasons You Need a Great Data Recovery and Business Continuity Plan

Posted by Kevin Carroll

Having access to the vital data that your business uses every day is one of the key factors in keeping your business running smoothly. In many cases, you might not be able to accomplish anything without it! By working to create a solid data recovery and business continuity plan, you'll create a much more effective business plan that will allow you to keep your business running in spite of potential disasters. 

Read More

Blog | Apr 27, 2017

IT Security, a 24-Hour Concern

Posted by Pete Salamanca

Security issues are keeping IT professionals up at night, and not just with worries. A breach can come at any time of day or night, and they have to deal with it right away. Internet crime costs over $1 billion a year. Criminal organizations emulate business and open-source models, putting sophisticated malware in the hands of amateurs. It's a 24-hour job to stay ahead of them.

Read More

Blog | Jan 31, 2017

Insight from Experts on the State of Application and Data Security

Posted by Pete Salamanca

Author: Peter Salamanca, V.P. of Infrastructure, TriCore Solutions

As we look back at last year, reflecting on the state of the IT industry, it’s clear that there’s still a long way to go before companies feel confident that their systems are protected. Where is application and data security headed, exactly? Tom Smith, research analyst and writer for DZone, was recently thinking the same. Over the past few months, Smith has been asking industry executives and experts (including myself) for their insight on all things application and data security. Recently, he compiled his findings into a comprehensive report on the topic. What did he discover?

Below, I’ve summarized the key findings – seven of the most important things to keep in mind to keep your applications and data secure:

Read More

Blog | Oct 14, 2016

Going Above and Beyond: An Example of a Happy SAP Compliance Client

Posted by Judy Thompson

The Background: SAP Security Best Practice

SAP Best Practices for SAP Security encourage the PRODUCTION systems to keep only Security roles that are used for executing job duties in that system. SAP Roles that are provided during an ‘Upgrade’ or a new installation are to be copied and re-named with the customer’s naming convention.

SAP's recommendation is to copy the standard roles into your own name space and make modifications to the copies as needed”

The standard roles need only exist in the DEV system. This would be the ‘BASE’ to copy the Standard roles needed by the Business, and re-name those roles and modify them to the business needs. This also would be a ‘START’ since later on customized roles can be created based on the usage for a group of users over a period of time.

Read More

Blog | Aug 11, 2016

Intro to EU Data Privacy Shield

Posted by Prashant Sharma


For both EU US Data Privacy Shield and US Swiss Safe Harbor one policy statement will suffice to meet the data protection and the data privacy principles. The new compliance will build maintain and build data integrity and security. It will build more transparency in the company’s action on data transfers and ensure that the company follows the prescribed privacy commitments.

Read More

Blog | Apr 28, 2016

Take Advantage of This Tool for a SAP SOX Audit Compliance Issue.

Posted by Judy Thompson

Have you ever run up against a SAP Sox Audit Compliance issue? Working closely with both external and internal auditors to identify areas in SAP Security needing compliance can be time consuming and daunting. Documenting the procedures, controls and policies are important for the company that is being audited and is a substantial effort for both functional and technical SAP resources.

Read More

Blog | Apr 19, 2016

TriCore’s Approach in Managing & Improving Vendor Management

Posted by Prashant Sharma


A vendor management model is designed to manage third party suppliers thereby ensuring that a continuous, accurate, timely and quality services are being provided as per the agreed service levels for your Managed Applications & services.
Read More

Blog | Mar 2, 2016

SAP Security – How to Completely Change Maintaining Multiple Locations

Posted by Judy Thompson


The ‘enabler’ role provides tighter controls for the organizational units from Company Codes, Sales Organizations, Plants, Ship to, and any other configured Organizational level within the Corporate SAP configurations.

Read More