Marc Bernard Tools takes security very seriously and we will address any issue immediately. For details on how to contact us, see our Security Disclosure Policy.
User Management and Authentication
Marc Bernard Tools is fully integrated with the standard SAP user management and authentication mechanism. Therefore, all users need a valid user ID and login to the SAP system in order to access any of the tools.
Marc Bernard Tools do not provide any new authorization objects. Tools features are protected using existing standard SAP authorization objects. In order to use tools, users must therefore be assigned corresponding authorizations via roles or profiles.
Often Marc Bernard Tools are integrated with or enhancing existing SAP functionality and users most likely already have the required authorizations. For details, see the “Security” section of each tool.
Network and Communication Security
Marc Bernard Tools do not require any network connection and can be used completely offline.
If the SAP system is connected to the Internet, the administrator can opt to enable the automated update feature. This will use a standard RFC destination for a secure, anonymous HTTPS connection to the MBT Website at https://marcbernardtools.com/.
Security for Data Storage
All data created or maintained through Marc Bernard Tools is stored on the application server database. You can protect data from being accessed by unauthorized users by assigning authorizations. In the default setting, data is not protected.
Data Protection and Privacy
Marc Bernard Tools does not collect or store any sensitive personal data. Certain user actions are logged in the standard SAP application log (for example, connection to the MBT Website for checking versions or updating tools). These logs can be viewed or deleted using standard SAP functionality (transactions SLG1 and SLG2).