A Day in the Life of a SAP Security Guy

Posted on February 2015 By Adam Waring
Sap Security 1140x445

​Ever wondered what your fellow SAP colleagues actually do? Adam Waring kicks off our inaugural “Day in the Life of” with a witty review of SAP Security administration.

“Do you just reset passwords all day?”

This, my SAP community friends, is why I now just answer “IT stuff” when people ask me what work I do. Also, if the answer to the above was “Yes”, it would make this piece ‘A Day In the Life Of a SAP Security Guy’ crazy short:

9am-5pm – Reset Passwords.

The End. 4 word article = Smashed it.

I’m sure you’ve never really thought about your poor nerdy SAP Security admin team, tucked away in the corner, before but they are a thousand times more interesting than you’d realise. They’re also way too important to just chat to colleagues and so if anyone cares to ask, SAP Security will often spout words like ‘Segregation of Duties’ and ‘Authorisation object values’ sending you straight to sleep or just straight up backing away so they can get back to saving the world.

I’ll probably have all my user ID’s locked for this, but here is what SAP Security Administration Dudes and Chicks really get up to:

5am – Meditate.

Today will undoubtedly face a lot of angst, frustration, people wanting things and spreadsheets so a calm body and mind is essential for getting through the day and emerging the other side a total champion.

6am- The 3Ps.. Pushups, Pullups, Protein shakes.

Charging PMOs, Raging ABAPers, Furious FICOs are just a few of the dangers SAP Security will face in a day, we’re going to need all of our muscles.

7am – Clear the ninjas out from the Project workspace.

At SAUG everyone is really friendly… but behind the scenes companies are always sending silent deadly assassins to steal other companies Deliverable Documentation or disrupt a competitor’s SAP project…. but you’d never realise the early morning high-speed Kung Fu battles each day because SAP Security has got it sorted.

8am – Spreadsheets! OMG The Spreadsheets!

No one buys an ERP system because the security toolset is amazing, for that reason, SAP AG haven’t developed the security tools since they unleashed the Profile Generator (1997). I’d normally spend 99% of my day downloading data and formatting it rather than the glamourous ‘doing things in SAP’. Building something in actual SAP is a great day. I think I’ve done it twice.

9am – Explaining processes.

Probably the one defining feature that every single person on this planet shares is that we all believe we should be the exception to any process. SAP Security says No!

11am – Unlocking the Project Team.

It’s a little known fact that the SAP project team is way worse than any user community when it comes to locking themselves out of various SAP systems. It’s fair enough too, most large organisations have a huge number of systems and clients… it literally only takes a micro-second of my time to rescue a poor colleague, but I like to communicate a 6 to 8 week lead time because this, quite frankly, encourages delicious chocolatey bribes from desperate dead-line pressured project members.

12pm – Locking out The Hilarious.

Does it ever feel like your own user ID is locked randomly? You know you know exactly what the password is but it’s just not working?

It’s probably because you’re super fun, heaps good at convos or just generally a great person and SAP Security just wants to hang out with you for a bit. It’s pretty much the greatest compliment a person could ever receive, ever.

2pm – Redouble Security Efforts!

Got a project plan that’s looking a bit too lengthy and therefore unapprovey… cut Security! It’s hardly a rowrrrr item on any Gantt chart and it virtually has no consequence (except for Go Live morning). SAP Security Dudes don’t say much, but we do like to end most meetings with “Annnnnnd, what about security?”

3pm – Resolving issues.

“SAP isn’t working.”, “I can’t access General Ledger”, “Can I borrow your stapler?” These are the general sorts of issues your friendly SAP Security person tackles hourly, with almost no information.

My usual answers are “There, there.”, “I agree, that does suck.” and “Hmmm, can you show me?” This last one is actually a total stall tactic because I’ve realised I stuffed up and am fixing the problem while they’re busy logging on. Suddenly it works… huzzah!

4pm – I.T Stuff.

SAP Security Administrators do get really good at resolving all sorts of IT problems, and I often become a bit of a one stop shop for all technical issues. It’s totally fine, it’s great even. The enemy of your enemy is your friend, so if we’re all banding together to defeat a jerk printer, so many smiles… much better than when everyone bands together because they all got locked out at 11am.

5pm – Think about going home…

Not many people know about the months and months of training all SAP Security Administrators go through in a secret cabin hidden deep in the Himalayas/Sale; Bo Staff skills, Nunchuck skills, PFCG skills are all integral to day to day value-adding… and yet nothing in this incredible arsenal of awesome can prevent this one simple truth…. Standing up to leave reminds everyone around you of their particular security issue. The duck and roll, the hug and roll, the leap frog; I’ve tried them all. Unsuccessfully.

Visit Adam Waring on LinkedIn