Q

Vendors access to production data

Do you have any guidelines for allowing suppliers/vendors access to production data? What type of security should be in place? Do you know anyone who has done this and been successful?
We are playing with this idea as well. Obviously, access for suppliers/vendors should be limited to precisely the data and functionality they need to know. This is an area that we will continue to see recommendations in the next few years due to many companies' emphasis on Supply Chain projects.

The biggest hurdles I have uncovered are managing the user accounts from a distance: how do we track users, turnover, and password management? I have noted that many companies are turning to off-the-shelf provisioning products that manage many of these 'opportunities' and allow for distributed administation by a vendor delegate. My personal opinion is that vendor access should be limited to functionality and data specific to that vendor's business relationship. Furthermore, user accounts should be "silo'd" in an associated user group and reviewed on a periodic basis (hopefully automatically) for usage and access. Obviously, I suspect that any organization allowing vendors access will have supporting legal and contractual language that governs both use and the expectation of confidentiality.
This was first published in November 2003

Dig deeper on SAP security administration

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchManufacturingERP

SearchOracle

SearchDataManagement

SearchAWS

SearchBusinessAnalytics

SearchCRM

SearchContentManagement

SearchFinancialApplications

Close