- Aug 07, 2019
- Janik Schipp
Two Ways You Can Use an SAP Audit to Solve SAP Indirect Access Challenges
If you think SAP license management is complicated now, wait until you see how SAP licensing will change in the next few years: Document licensing for indirect access, a dizzying array of new cloud products, and the move to SAP S/4HANA.
Here are two powerful ways to address your SAP indirect access challenges and make the most out of them.
Tip #1 – Be Proactive about SAP Indirect Access
SAP Indirect access occurs when your non-SAP applications interface with SAP software. There has been a lot of buzz around SAP indirect access over the last few years – perhaps most notably in the Diageo SAP $66 million 2017 court case.
SAP indirect access is a complicated aspect of SAP license management and, with only a few published guidelines, customers are often requested by SAP to discuss their system environments. It’s up to you to analyze your indirect use exposure and ask SAP to send the bill.
Even though USMM and SAP LAW can’t detect SAP indirect access, the latest updates to SAP notes may read out all documents that could cause indirect access for RFC users. So, there are some indicators that indirect access could show up in the reports recognized by SAP’s audit department.
They do their research too. If your company shares a success story about using Salesforce and you’re not licensed, you can expect a call from SAP. It doesn’t stop there – SAP often audits customers when they’ve chosen a competitor solution.
During a software license audit, SAP’s focus is finding these third-party interfaces. If they find them, those software license audits end up in very expensive deals for the customer, or multi-million dollar lawsuits where, depending on the negotiation, the customer gets little to no value for the additional licenses.
Choosing the right S/4HANA licenses is one of the biggest – and most expensive – challenges SAP customers face today. This new Gartner research gives simple best practices for your SAP S/4HANA migration.
What’s the solution for your SAP indirect access risk?
Fully analyze your interfaces and indirect access now, before you get audited. This kind of SAP software asset management analysis will take longer than the time SAP provides to respond to an audit. You will get transparency about your architecture, understand your SAP indirect access risks, and can make an informed decision—before a software license audit forces you to think about it.
Although it is possible to pick through your data and manually make these changes, this is not recommended. SAP requires its customers to produce a technical compliance analysis and there are two licensing models that can be used: Legacy or Digital Access. It’s no surprise that SAP is heavily pushing customers toward the digital access model. In fact, Christian Klein (COO of SAP) presented SAP’s new “Digital Access Adaption program” (DAAP) – clearly designed to force customers into the digital access model –this past May at the SAP Sapphire conference.
An SAP license management tool can assist in analyzing the important, expensive challenges, such as reviewing third-party system user lists and cross-checking with the current active SAP named user pool.
Know what usage is already covered.
Sometimes a second license demand is created because it’s occurring through a third-party application. However, generally the direct access policies apply to indirect access as well, so it’s highly advisable to check if the user/machine access—such as employees, business partners, vendors, and customers—can be covered already with the existing licenses.
Tip #2 – Should You Switch to the Digital Access Model?
Step by step, SAP is making the annual system measurement process – or software license audit process – more automated. This includes developing a measurement functionality for SAP indirect access to make it more transparent for customers. This is great! But it’s more complicated than it seems.
According to the new SAP indirect access model, or Digital Access, all third-party interfaces require additional licensing if they create one of nine document types in SAP, like invoices. Each document is counted based on its original creation – there is no extra license for reading, changing, or deleting.
The new document licenses are is simpler than the legacy model and will be transparently measurable. SAP will encourage you to join the new licensing model now. “It’s simple and monitorable,” they’ll say. “Everyone’s doing it.”
Document licenses: Simplicity with a potential cost
SAP wants to license your indirect use under the Digital Access model because they can more easily measure it, track it, and sell specific licenses. The new model, despite its supposed simplicity, could be more expensive than the legacy licensing model.
The new model also has its fair share of complications, such as double-licensing. This is when the indirect access of an employee who already has a named user license due to direct access is licensed with a new document license when they create a doc.
Are document licenses right for you?
Stick with the SAP indirect access you already know and take advantage of the risks you know. The old SAP indirect access model is potentially cheaper because it’s self-audited and self-licensed based on “your best knowledge.” SAP doesn’t know the full extent of your indirect access.
How do you do this? Despite the old licensing model’s weaknesses, you can take steps to understand the extent of your indirect access instances. Start with an extensive analysis to find all indirect access instances and all third-party applications linked with SAP systems. Then you know your indirect access risks.
Then get a user list of the third-party applications linked with SAP systems, which is used with an SAP license management solution to automatically allocate the correct license and consolidate it with existing SAP licenses.
Download Aspera’s SAP Audit Playbook now for more helpful tips to turn your SAP audit into an opportunity.