Security issues are keeping IT professionals up at night, and not just with worries. A breach can come at any time of day or night, and they have to deal with it right away. Internet crime costs over $1 billion a year. Criminal organizations emulate business and open-source models, putting sophisticated malware in the hands of amateurs. It's a 24-hour job to stay ahead of them.
Blog | Jan 31, 2017
Author: Peter Salamanca, V.P. of Infrastructure, TriCore Solutions
As we look back at last year, reflecting on the state of the IT industry, it’s clear that there’s still a long way to go before companies feel confident that their systems are protected. Where is application and data security headed, exactly? Tom Smith, research analyst and writer for DZone, was recently thinking the same. Over the past few months, Smith has been asking industry executives and experts (including myself) for their insight on all things application and data security. Recently, he compiled his findings into a comprehensive report on the topic. What did he discover?
Below, I’ve summarized the key findings – seven of the most important things to keep in mind to keep your applications and data secure:
Blog | Oct 14, 2016
The Background: SAP Security Best Practice
SAP Best Practices for SAP Security encourage the PRODUCTION systems to keep only Security roles that are used for executing job duties in that system. SAP Roles that are provided during an ‘Upgrade’ or a new installation are to be copied and re-named with the customer’s naming convention.
“SAP's recommendation is to copy the standard roles into your own name space and make modifications to the copies as needed”
The standard roles need only exist in the DEV system. This would be the ‘BASE’ to copy the Standard roles needed by the Business, and re-name those roles and modify them to the business needs. This also would be a ‘START’ since later on customized roles can be created based on the usage for a group of users over a period of time.
Blog | Aug 11, 2016
For both EU US Data Privacy Shield and US Swiss Safe Harbor one policy statement will suffice to meet the data protection and the data privacy principles. The new compliance will build maintain and build data integrity and security. It will build more transparency in the company’s action on data transfers and ensure that the company follows the prescribed privacy commitments.
Blog | Apr 28, 2016
Have you ever run up against a SAP Sox Audit Compliance issue? Working closely with both external and internal auditors to identify areas in SAP Security needing compliance can be time consuming and daunting. Documenting the procedures, controls and policies are important for the company that is being audited and is a substantial effort for both functional and technical SAP resources.
Blog | Apr 19, 2016
A vendor management model is designed to manage third party suppliers thereby ensuring that a continuous, accurate, timely and quality services are being provided as per the agreed service levels for your Managed Applications & services.
Blog | Mar 2, 2016
The ‘enabler’ role provides tighter controls for the organizational units from Company Codes, Sales Organizations, Plants, Ship to, and any other configured Organizational level within the Corporate SAP configurations.
Blog | Sep 10, 2015
SOC reports are a mechanism for customers to build trust while outsourcing business services. TriCore has achieved new SOC 1 and SOC 2 reports.
Blog | Jun 10, 2015
The realm of compliance and security has spread its wings far. We all are aware that the business model and its aspects have changed from what they used to be a decade back. There is a larger emphasis now in providing the best to the customer and yet complying with all the security norms to keep customer data from breaches.