Q
Problem solve Get help with specific problems with your technologies, process and projects.

Security risk: Users able to see data from other companies

We are using SAP 4.6c on a single instance. We have one controlling area with multiple companies. We have a problem where a user in one company can have access to the data of other companies. This problem presents itself in FI, CO and MM. We want to resolve the issues by adding authorization controls, but have failed. Is there any solution that you can recommend to solve the issue?

We are using SAP 4.6c on a single instance. We have one controlling area with multiple companies. We have a problem where a user in one company can have access to the data of other companies. This problem presents itself in FI, CO and MM. We want to resolve the issues by adding authorization controls, but have failed. Is there any solution that you can recommend to solve the issue?
By design CO is controlled by Controlling Area for almost all processing actions. You can control the display and some activities around reporting, budget planning and master data maintenance using the cost center hierarchy. If this hierarchy mirrors your company code structure it may serve your purposes. MM controls are based on plants, purchasing organizations and purchasing groups. Plants are typically set up for one company code so adding all the plants for one company to a user's role may mirror your company code security. FI organizational security is based on company code.
This was last published in June 2008

Dig Deeper on SAP security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchERP

SearchOracle

SearchDataManagement

SearchAWS

SearchBusinessAnalytics

SearchCRM

SearchContentManagement

SearchHRSoftware

Close