3 ways a more efficient authorization incident process impacts end users
Following up on my last post about making life easier for an SAP admin, I wanted to take a user’s perspective for this one. When an end user runs into an authorization check failure, work doesn’t stall, it stops. And, the only option they often have when an authorization issue happens is to run transaction SU53, take a screen shot, send it to the security administrator, and wait and wait and wait and be annoyed.
Fortunately, authorization incidents can be managed in more user-friendly ways that can help users appreciate security administrators more than they already do. Here are three ways.
-
Users are more understanding regarding access constraints when they know that the authorization issue is not an IT issue: Having policy documentation a click away whenever users run into an access issue lets them know that IT might not be the reason they lack access. Since one of the best ways IT can resolve some issues is not to own them in the first place, this helps users understand that their issue is really a business and audit issue and not an IT one.
-
Users know that IT cares more and is expediting the resolution if the ticket creation process is automated: The last thing a frustrated user wants to do is run SU53, take a screenshot of its output, and then have to kluge together a support ticket and submit it via email to someone who might not be the right person to help. Instead, let your users know they are on the fast track by automatically creating the ticket for them – just be sure to give them some space to vent and a way of setting the ticket’s priority (hint: it won’t be set to a low priority). See in my previous post how automated ticket creation and data capture also reduces the time it takes admins to troubleshoot and resolve issues.
-
End users see security admins as facilitators and not just an inhibiting function when admins provide workaround options in addition to ticket status reports: If blocked users see that the security team is working on the issue and the status of their issue, that is helpful, but, for low-risk authorizations, it can change the end user's perception of IT security if, in addition to status reports, IT also suggests workarounds. For low-risk authorizations, this can be done by recommending those on the user's team who have the required access. When users have the option of visiting a teammate and getting help to expedite a transaction, they are more likely to get the impression that the security team is just as concerned as they are about getting valid transactions processed efficiently and quickly.
By the way, these three ways of improving authorization incident management are supported by Authorization Help, Security Weaver's module for automating the authorization management process. Authorization Help can increase the efficiency of an authorization incident process and the satisfaction levels of IT users. To see more ways Authorization Help can help streamline the authorization management process SAPInsider magazine published an article that goes into more detail.
To learn more about Authorization Help, download the data sheet here. If you would like to see a demo either use the online popup chat feature attached to our site or send an email to info@securityweaver.com.