Is SAP indirect access an exact science yet?

SAP indirect access

We speak about SAP indirect access when SAP customers trigger the SAP ERP systems via a third-party application. It’s a type of access that has to be licensed separately, mostly user-based, otherwise you are at risk of paying large fines to SAP for using the software without the required and correct licenses. The exchange of information between SAP software and a third-party system is defined by SAP as ‘indirect’ and is a breach of the traditional user license.

Example of SAP indirect access situations

  • IoT devices or mobile applications aimed at automating data entry into SAP software
  • Non-SAP software with access to updating, changing, storing or reading SAP data. For example, when someone from your engineering team is using a third-party engineering application to work on product design, but has to gain extra engineering data out of SAP to finish the design job.
  • Non-SAP online storefronts that make use of SAP software to place orders, keep an eye on shipments, or transfer postings in real-time. For example, when an SAP customer issues an order to his suppliers through a non-SAP application and it returns to SAP with the inquiry to check the level of inventory or the credit limit.

SAP indirect access: a much debated topic

The story of SAP indirect access was a much-debated topic in the market over the last year. Online publications in the SAM industry not only debated the topic, they even took sides, judged or provided advice on how to manage or avoid such risk exposure.

In a perfect world, software asset management is supposed to be an exact science where everything is either black or white. It should be as simple as ‘entitlements versus usage’. Basic math. In real life, things are a bit more complex.

The truth is that there is no clarity around this topic yet and it will cost SAP, their customers and SAM experts quite some time, money and energy to vanish the incertitude around indirect access and create a set of rules that is not open to interpretation.

A thorough Indirect Use investigation

Since the indirect access saga started, SAP tried to simplify the pricing strategy and clearly describe the access to SAP ERP, making it easy for their customers to understand what kind of access falls under indirect access. To classify if an interface is under risk or not, there is now a set of decision nodes to be followed. However, performing a thorough indirect use investigation involves joint efforts of the Process Integrations Department, Systems Administration and License Management Department (in the lucky event of having a team in your company that is carefully administering your SAP licenses and has access to all the contracts signed with SAP).

SAP Indirect Use Access Whitepaper

In our latest “Is SAP indirect access an exact science yet?” whitepaper, we bring more clarity to the indirect access topic, explain different licensing scenarios that prevent you from triggering indirect use, and provide guidance how to identify and tackle risks.

This article was published on 03-05-2018