Coffee, Commissions, & CPQ: What SAP Commissions' Security Enhancements Mean for Users

Coffee, Commissions, & CPQ: What SAP Commissions' Security Enhancements Mean for Users

Coffee, Commissions, & CPQ: What SAP Commissions' Security Enhancements Mean for Users

No comment Share

Author: Canidium Podcast

Coffee, Commissions, and CPQ is a podcast that will cover topics about all things sales, sales operations, sales enablement, and SPM! In the fifth episode of our series, Canidium's SAP Commissions Practice Lead, West, Connor Barry, talks about the recent security enhancements for SAP Commissions. Tune into our podcast by clicking the link below, or read the transcripts on this blog! 


Rick Roberts: Hello and welcome to Coffee, Commissions, and CPQ, a podcast where we talk about all things related to increasing the effectiveness of your sales organization. My name is Rick Roberts, and I'm your host for this episode. Today Connor Barry, the practice lead for SAP Commissions at Canidium, has joined us again - and we'll be discussing the recent security enhancements for SAP Commissions. So Connor, thank you very much again for being back on this podcast!

Connor Barry: Yeah, absolutely. Thank you for having me on.

Rick Roberts: Yeah, anytime. Hopefully, we'll get you back many more times. Why don't we dive into it and discuss these recent security enhancements for SAP Commissions? Why don't you give us a little oversight of what people should be looking forward to?

Connor Barry: Yeah, absolutely. So recently, SAP put out a press release around some security enhancements that they determined they needed to implement for a number of their cloud products. The enhancements are being put in -  not because of breach of any data security or anything like that, so I wanted to make that clear. There has been no breach of anybody's data from any of the SAP Commissions’ environments. This is a proactive step that SAP is taking in order to ensure the safety and security of everyone's data within their cloud products. And specifically, we're going to talk about SAP Commissions here today. And so what is SAP doing? They're moving at really kind of breakneck speed to get some of these enhancements put in. And they're doing this as their standard process. They're starting with non production environments. And they're basically making it a little bit more secure in the way that administrators can log into the system, who has access to those administrator rights, and making sure that again, all the customer’s data is secured appropriately in the systems. And so there's a couple things that are happening. The first is one of the primary administrator users in the system. It's a user that comes with SAP Commissions right out of the box. It's the one that every customer is going to have when they previously bought SAP Commissions.


When they login to the system, and to protect that specific user, and I'm not gonna name the actual username for the sake of security right now, that user is no longer going to be accessible from an actual login perspective. The user rights are still accessible to administrators. If you've set up an individualized administrator, you can still access those rights. But they’re no longer going to be able to have the capability to log in as that overarching admin role, you have to have individualized administrative accounts to log into the system as an admin. And that's going to really help us in security. And so with that, there's a couple of items that folks are going to be working on. If you are already engaged with Canidium, these items are going to be happening for you. And if you aren't, we can talk about some of the ways that you can ensure that this is an easy transition with the security enhancements and then nothing breaks with some of these changes. The first item that we need to be able to do and change is that no one's logging in as that user that I mentioned previously, and that you're using individualized administrative logins. And what that means is basically, if Rick had a login, he's logging in as Rick, not as an overall admin of the system or an admin user. It's strictly Rick's login, and he has admin rights to use the system. And so we want to make sure that our customers are doing that. It's actually a best practice to do that ahead of time anyway, so that you can use the auditing features of the application to to actually make sure you're knowing who's making changes to the system. And it's not just some administrative user that you can't track down and ask questions about why they're changing things. So that's the first item that's changing. The other item that we're encouraging our customers to do is make sure that there's proxies to those previous admins. What a proxy is, is it enables someone to view the system as if they were that user, and so we're looking for our customers to make sure that that overall admin user that came with their first initial login is actually being created as a proxy for individualized admins in the system. The last aspect of this security enhancement is going to relate to all of our customers’ data integration processes. Specifically, you're using an application called connected enterprise or any API calls. We also have to make sure that we change the authorizations in those data integration processes, to use an individual administrator as opposed to those overarching admin users that came with your initial welcome packet. And so, we want to make sure that we're using an actual user of the system, an actual admin to the system - so that again, we're not going to be dependent on the overarching admin user that came with previous implementations. So, really, it's just a matter of updating some small pieces of your code in the data integration. And some customers might not be comfortable doing that on their own. And that's certainly something that Canidium can help out with and ensure that the process is not only updated, but updated appropriately. If a customer's using something like CDL, or Commissions Data Loader, smart data integration, we'll also have to make some small updates to those tools as well. They're just less of an impact compared to some of the updates you'd have to make. If you're using API's with the Connect Enterprise application.


Rick Roberts: Yeah, sure. So I think overall, everything that you're saying, it's all good news, right? Obviously, these are all enhancements. So that's good and moving forward, I guess, just maybe manage some of the expectations around you know - because you're saying a lot of things here - Is it hard to make any of these changes on your own? Is it something daunting? I just want to make it clear to some listeners that this really should be something that they can easily manage as far as some of the changes that that you are discussing here, and then maybe just kind of go back into what we had briefly touched upon on our last podcast, because you are talking about if you're already engaged with Canidium, I think, you know, maybe it's worth mentioning something about our Managed Services offering. This way people can truly understand that they're able to get support like this. And anytime there's some sort of enhancement, and if that means anything for the current user, that if they are working with a partner like Canidium, that they are able to focus on other things while Canidium can handle all of these. 

Connor Barry: Yeah, absolutely. So to answer your first question around the ease of making these updates, the first update is, you know, just making sure you have an individualized user for your team. That should be very easy for any customer to do. As a part of implementation processes, customers should be trained on the ability to create new users and assign roles to those users. And so this just means, again, if you're using that overarching admin user that came with your initial one, that you just need to create a new one for your individual admins. And that's something that should be covered in any customers operations guide. The second change, this is a little bit more involved. So anytime anyone opens up a data integration process, it can definitely be a little bit more daunting. And so that's where I typically recommend, if you haven't touched your data integration process on your own, you do engage with Canidium as your implementation partner to make sure those updates are made appropriately and maybe with basic best practices in mind so that you're not impacting other items by going in and changing data integration. So that's certainly something that's a little bit more difficult for customers to do. On the other front, you know, this is one of many enhancements that SAP puts out every year. They do quarterly releases typically that enable customers to access new and enhanced items within their SAP Commissions environments, they also fix minor bugs and issues that might come up, as well as releasing new product functionality, new usability using certain things. That's where it can be very valuable to have an implementation partner like Canidium to help you understand what those releases, enhancements and other aspects that may be coming out in their quarter releases actually do and how you can use them in your build. Every customer has unique aspects of their build unique compensation plan components. And so whenever enhancements come out, those affect customers in different ways. But we certainly want to make sure all customers are using any announcements that come out, using best practices and taking advantage of those enhancements as well to get the best user experience (UX) for their sales folks, and also make sure that they're getting the most out of the tool.


Rick Roberts:  Awesome, great. So this is, obviously it's a shorter podcast this time around, but I just wanted to make sure that we were covering these enhancements for SAP Commissions. So thank you very much. again for being on this podcast. And if there's any other enhancements or anything else that pops up, then we'll certainly get you back on here.

Connor Barry: Yeah, appreciate it. And I do want to make one last quick note. And that's if you don't get a chance to make these enhancements right away, there might be some errors that customers might see in their data integration processes. And specifically, it's going to be in their non production environments, at least until later in the month. We're currently in May 2020. If you know down the road in June, you see errors in your data integration processes in production, especially around authentication errors within your data integration - that's where you definitely want to call up Canidium and have a code update made to your system to address the administrator changes that came out with this latest enhancement.

Rick Roberts: Great, thanks for that! And for anybody listening that is interested in Managed Services or support, just go to Again, it's, and one of our team members will get right back to you. So again, thank you very much Connor, and hope everybody found that very useful!

Connor Barry: Yea, thanks Rick!

If you would like to learn more about the recent security enhancements for SAP Commissions, just reach out to our team by clicking the button below. 

Get in Contact

Receive future pieces