Human Capital Management Blogs by SAP
Get insider info on SAP SuccessFactors HCM suite for core HR and payroll, time and attendance, talent management, employee experience management, and more in this SAP blog.
Showing results for 
Search instead for 
Did you mean: 
Product and Topic Expert
Product and Topic Expert
SAP Puts the Security and Safety of Your Data First

Product: SAP Commissions 2005.1

SAP continuously reviews and optimizes its cybersecurity infrastructure to make your data in our Cloud solutions secure and safe. We value the trust that our customers put in SAP products and in SAP itself.

To fortify the security of our products and systems, we will be making infrastructure and product changes, starting this week with Non-Production environments.

From a product standpoint, we are improving security by disabling direct login and access for Administrator and PortalAdmin factory users. This will be implemented in the SAP Commissions 2005.1 release.

  1. Direct web login/access as PortalAdmin and Administrator users will be disabled.

  2. API usage as Administrator or PortalAdmin users will also be disabled.

  3. There will be no impact on existing data.

Note: Proxy access is still possible to PortalAdmin and Administrator roles and should be set up for at least one person in the customer environment.


When will this occur?

The infrastructure changes will be done from Wednesday night, May 13, through Saturday, May 16. Customer has been notified of the times applicable to their environments. Your environments will be unavailable during these times. We will let you know if your environments are available early.

The 2005.1 deployment schedule for environments is:

  • Non-Production: May 23

  • Production: May 30

What do I need to do?

Please make sure that all users are logged out of Commissions during the activities for the affected environments.

For the PortalAdmin and Administrative user changes:

  1. You must make sure that at least one user in the system has the ability to proxy as the PortalAdmin and Administrator users in order to ensure access at this level.

  2. You must validate that if you are using API's, that authentication is done via a technical user that is not Administrator or PortalAdmin.

Note: If you are not aware of whether you use API's with PortalAdmin or Administrator in the authentication, please contact your implementation partner.

Source link :