After checking in at the registration desk and the ASUG Volunteer desk, my conference week in Orlando ramped up into high gear with making tough choices between sessions, which set the tone for the day. At 8:30 AM, I attended an ASUG session on The 18 Holes of Security, presented by John Hoover and Rajkishore Una. I'm well versed on security basics, but I did want to hear their tips on plugging security holes in the newer technologies. It was a good reminder that in today's complex IT landscapes, the threats to security come from many directions, and people are generally the weakest link in your security chain, so multiple protections are a way to strengthen your protection, starting with training on security and risks.
I was very excited to hear the first keynote, with speakers Sir Richard Branson and Nobel laureate former US Vice President Al Gore. I especially enjoyed hearing Mr. Gore's remarks on the business case for sustainability. My takeaway was that pollution is waste of resources, so producing more useful product and less pollution make sustainability more than just a "personal virtue," but rather it makes perfect business sense and a key component of "best run businesses."
The next session I attended was titled Build a security model for BW using the SAP GRC Suite, given by Gokul Muthuswamy. Since my organization has not yet implemented the "analysis authorizations" concept in our BW system, I wanted to hear about their migration and lessons learned. I was glad to hear his opinion that the analysis authorizations offer a lot of flexibility to the security model, and he offered several helpful lessons learned and migration tips, particularly his recommendation to do a security rebuild rather than using the migration tool to migrate the old security.
After lunch I stopped by the Global Communications Center, for a brief visit with several of my fellow SAP Mentors, including Anne Kathrine Petteroe and Marilyn Pratt. Then I attended a meeting for SAP Mentors with Mark Yolton, Senior VP for SAP Community, who spoke with us about the new SCN reputation system and took questions about SCN.
My next stop was a brief presentation on Streamlining user management with compliance. Compliance is a large part of my day job, and I'm glad I stopped by this quick session, since we are starting to plan for the inevitable migration from Central User Administration, and the speaker offered some tips for landscape options.
The last education session I attended today was Cross System SOD analysis using SAP BusinessObjects Access Control presented by Robert Mai from Deloitte & Touche. My organization sees cross system SOD analysis as option down the road, and I wanted to hear about his case study and lessons learned. The key takeaway for me was the importance of ensuring that you determine which functions really are a cross system violation that needs to be monitored; otherwise false positives could result. My only complaint about this session was that it was too short; I really wish the presenter had gone into more detail or covered more issues and tips for building custom rule sets in RAR.
The afternoon keynote was a definite highlight, which started with opening remarks from incoming ASUG Board Chair Anthony Bosco, and featuring ASUG CEO Bridgette Chambers and US General (retired) Colin Powell, former US Secretary of State, speaking on Leadership: Taking Charge, General Powell was very entertaining, getting many laughs with his spot-on imitation of Ronald Reagan, and sharing many self-deprecating stories about all the things he misses now that he is no longer Secretary of State. For me the key takeaway was his emphasis on the responsibilities of leadership: to get your people to be inspired, through mission, goals and purpose. Be a leader who believes, who people want to look up to, and your people will believe, too.
Now I am heading off for an evening of networking, reconnecting with friends and colleagues and making new connections.
