Martin Voros wrote:
Regarding HANA I do not have any data so it is hard for me to judge. But I can imagine that security is not one of the top priorities when SAP is rushing to get new product to market.
Martin,
I can understand your sentiment, and I suspect that anyone who struggled through early SolMan, which was just about entirely lacking in security, might feel that way. SAP has bought and rebranded as theirs numerous software packages with so many different authorization concepts, I agree with Colleen that it is just about impossible for any one person to be expert on all of it. I took up this issue with Vishal at TechEd 2007 and never did get a response that I was happy with; now he is gone and here we all are, still challenged by supporting all the myriad of authorization concepts in our organizations' SAP landscapes.
However, I have to say that the little I have learned about security in SuccessFactors gives me hope that SAP is headed in a new direction. If they can extend that user-attribute based rule concept of security to other solutions, perhaps eventually it will be simpler for security, too.
Regards,
Gretchen