SAP Licensing

SAP Indirect Access Licensing

SAP Indirect Access Licensing: Key Points

  • Charges for third-party systems accessing SAP data indirectly.
  • Impacts costs due to non-SAP user interactions.
  • Requires careful tracking of external integrations.
  • This is a common cost trap for many companies using connected applications.

SAP Indirect Access Licensing: Key Concepts and Cost Implications

Indirect access in SAP licensing is a critical topic for businesses that use SAP systems integrated with other applications. It can lead to unanticipated costs, compliance issues, and even legal disputes.

Understanding indirect access, how it affects licensing costs, and the associated risks is crucial for ensuring that your organization remains compliant without overspending.

Let’s explore the foundational aspects of SAP indirect access and its potential impact.

1. What is SAP Indirect Access?

SAP Indirect Access Licensing Key Concepts and Cost Implications

Definition and Overview
SAP Indirect Access refers to situations where data within SAP systems is accessed by third-party applications or systems rather than directly by a named SAP user.

For example, a CRM system pulling customer data from SAP or a web interface that processes sales orders using SAP could qualify as indirect access.

Indirect access becomes relevant when systems other than SAP interact with SAP data. Instead of the traditional model where licensed users directly access SAP, indirect access occurs when third-party applications request, modify or handle data within SAP without a direct user logging in.

Key Concepts: Direct vs. Indirect Access

  • Direct Access involves users accessing SAP systems through the usual interfaces—like logging into the SAP GUI or Fiori—using valid credentials. Each named user here typically has a license.
  • Indirect Access occurs when a non-SAP system interfaces with SAP data through an automated script, third-party application, or custom integrations like APIs or connectors. Although these systems are not users, they still use SAP data, triggering potential licensing issues.

The distinction between direct and indirect access matters because SAP sees data use as licensable regardless of whether it comes from an employee or an automated system. Therefore, indirect access must be correctly licensed.

Importance in SAP Licensing
SAP’s licensing model for indirect access often surprises companies, especially those with numerous third-party applications or external systems interacting with SAP data.

The impact can range from unforeseen costs to compliance issues that may result in financial penalties. Understanding indirect access is crucial for planning your SAP landscape, managing integrations, and avoiding unplanned expenditures.

2. How Indirect Access Affects SAP Licensing Costs

How Indirect Access Affects SAP Licensing Costs

Cost Implications of Indirect Access
Indirect access can greatly affect SAP licensing costs due to the complex nature of calculating and determining access points.

The main challenge lies in identifying which third-party systems touch SAP data and in what manner.

Costs often arise from overlooked scenarios like automated scripts accessing SAP tables or custom-built APIs interacting with SAP data.

User-Based vs. Transaction-Based Licensing
SAP typically provides two models to license indirect access:

  • User-Based Licensing: Here, indirect users accessing SAP are counted, and licenses are required for each. This can be straightforward but can quickly escalate in cost if many external users interact with SAP indirectly.
  • Transaction-Based Licensing: The newer Digital Access Model charges based on the type and volume of documents processed by SAP, such as invoices, sales orders, or purchase requisitions. This model can be cost-effective for some companies but carries the risk of unexpected expenses if transactional volumes grow beyond anticipated levels.

Factors Driving Costs

  • Data Volume: The amount of data accessed or processed by non-SAP systems often determines costs. Larger volumes can result in higher expenses.
  • External Interfaces: The number and type of interfaces—such as APIs, middleware systems, or data brokers—are critical in driving costs. Each system that connects to SAP may require licensing considerations.
  • Usage Frequency: The frequency with which these interfaces interact with SAP also affects costs. Constant or high-frequency data exchanges may significantly increase your indirect access liabilities.

3. Identifying Indirect Access Risks

Identifying Indirect Access Risks

Common Risks and Compliance Traps
One of the biggest risks of indirect access lies in failing to understand how deeply integrated your SAP system is with other applications.

Common compliance traps include not documenting third-party interactions, underestimating integration points, and assuming that only logged-in users must be licensed.

Even automated tasks or IoT devices interfacing with SAP can potentially lead to indirect access fees.

High-Risk Integration Points

  • CRM Systems: Applications like Salesforce that access SAP to retrieve or push customer data are a common high-risk integration point.
  • IoT Devices: Sensors and IoT devices often feed data directly into SAP, such as production metrics or inventory levels, which counts as indirect access.
  • Middleware: Tools that connect SAP with other databases or enterprise applications also constitute high-risk points. Middleware like Mulesoft or SAP Process Integration (PI) often automates processes that create, read, or update SAP data.

Assessing Internal vs. External Risk Sources
To correctly assess indirect access risks, it’s important to map out all the systems that interact with your SAP landscape:

  • Internal Systems: Check for internal systems, such as financial or HR applications, that automate data flows involving SAP.
  • External Integrations: Look at third-party vendors, client portals, or even e-commerce platforms that need SAP data for processing.

An in-depth assessment helps reveal unseen risks and clarifies where indirect access licensing may be necessary to avoid compliance penalties.

4. SAP vs Third-Party Indirect Access Cases

SAP vs Third-Party Indirect Access Cases

Overview of Major SAP Cases with Third-Party Software
Indirect access gained prominence following several high-profile legal cases, such as the Diageo and AB InBev lawsuits.

In the Diageo case, the company used Salesforce to interact with SAP data without proper licensing, resulting in a significant financial penalty.

Similarly, AB InBev faced a lawsuit due to its third-party software integration, where indirect access resulted in a multi-million dollar settlement. These cases have set a precedent for SAP’s rigid enforcement of indirect access rules.

Analysis of SAP’s Stance on Third-Party Access
SAP takes an assertive position on third-party software accessing SAP data, regardless of whether direct SAP users are involved. They emphasize that data accessed indirectly through third-party tools must be properly licensed.

This stance aims to protect SAP’s revenue while ensuring fair usage of its platform. SAP argues that whether a user accesses SAP directly or indirectly through third-party systems, the value derived from the software remains the same and must, therefore, be compensated.

Key Takeaways for Businesses on Handling Similar Cases

  • Review All Integrations: Businesses must review all third-party integrations involving SAP data to understand the licensing requirements.
  • Negotiate Terms Early: Early negotiation with SAP on licensing agreements can prevent legal disputes.
  • Monitor Usage Patterns: Companies should track all non-SAP systems accessing SAP data and maintain a proper inventory to ensure compliance.

5. SAP Indirect Access Compliance

SAP Indirect Access Compliance

Compliance Requirements
Compliance with SAP’s indirect access policies requires a comprehensive understanding of the company’s licensing terms.

Every system interacting with SAP data must be accounted for, whether it involves human users, automated processes, or external software. Failing to include these connections under the proper licensing can lead to severe financial penalties.

Strategies for Staying Compliant

  • Perform Regular System Audits: Conducting regular audits helps identify indirect access points. These audits should involve all SAP-connected systems to identify any unauthorized indirect access.
  • Use SAP’s Tools: SAP offers tools like the License Administration Workbench (LAW) and System Measurement Tools to monitor access and usage and ensure compliance.
  • Employee Training: Employees need to understand what constitutes indirect access. Training IT teams and software users can prevent inadvertent non-compliance.

Importance of Documentation and Monitoring
Documenting all data flows between SAP and third-party systems is essential for ensuring compliance. Keeping detailed records can help a company respond effectively during SAP audits.

Additionally, regular monitoring using automated tools is crucial for preventing unauthorized access. Maintaining this documentation can also be an important reference during licensing negotiations or legal disputes.


6. Key Legal Issues in Indirect Access

Key Legal Issues in Indirect Access

Legal Considerations: Definition of Access
A central legal challenge in indirect access disputes is the definition of “access.” For SAP, any method by which SAP data is touched, regardless of direct or indirect means, qualifies as access. Companies must understand how SAP defines these access methods, as interpretations can vary and lead to disputes.

Usage Rights, Data Integration Restrictions
Legal conflicts often arise from discrepancies between how companies interpret their usage rights and how SAP defines them. For instance, integrating SAP data into other business processes or databases without proper licensing can violate contractual terms. Data integration restrictions often stipulate the level at which SAP data can be combined or shared across platforms.

Avoiding Legal Conflicts with SAP
To avoid conflicts, companies should engage SAP in direct discussions when planning to use third-party applications. Proactive communication helps clarify what is considered indirect access. Before finalizing integration projects, consulting with a licensing expert can help avoid potential breaches and costly legal actions.


7. Indirect Access in SAP S/4HANA

Indirect Access in SAP S4HANA

Changes to Indirect Access in S/4HANA
SAP introduced significant changes to indirect access in the S/4HANA platform. The most notable is the Digital Access Model, which attempts to simplify licensing for indirect access by charging based on document use rather than counting indirect users or interfaces.

This model is designed to provide more predictability, though it requires companies to understand how documents are categorized and charged.

Introduction of the Digital Access Model
The Digital Access Model moves away from user-based licensing and focuses on the volume of specific documents processed, such as sales orders, invoices, and material documents.

This shift provides more transparency in pricing, but it also means businesses need to track their document flows carefully to avoid unexpected charges.

Considerations for Companies Migrating to S/4HANA
For companies considering migration to S/4HANA, evaluating the impact of the Digital Access Model is essential. Migration provides an opportunity to re-negotiate licenses, often resulting in more favorable terms if approached correctly.

Companies should also map their current third-party integrations and work with SAP to ensure all indirect access points are covered. Properly understanding the differences in licensing structure between ECC and S/4HANA is critical for avoiding surprises.

8. How to Measure Indirect Access in SAP Systems

How to Measure Indirect Access in SAP Systems

Measurement and monitoring of how external systems interact with SAP are essential to managing indirect access effectively. Proper measurement can help mitigate risks, identify compliance gaps, and reduce unexpected costs.

Tools for Measurement (e.g., LAW, System Measurement Cockpit)
There are several tools that SAP provides to help companies monitor indirect access:

  • License Administration Workbench (LAW): This tool helps consolidate licensing information from various SAP systems to identify indirect usage patterns. It helps you assess the full scope of user licensing, including indirect access.
  • System Measurement Cockpit (SMC): This built-in feature allows companies to measure SAP system usage. It helps identify external systems’ connections to SAP and provides an overview of potential indirect access points.
  • SAP Global Trade Management (GTM): GTM can also analyze transactional data to understand document flows that involve indirect access. This is particularly helpful when using the Digital Access Model.

Metrics for Tracking Indirect Usage
To ensure that indirect access is compliant, companies should track specific metrics:

  • Volume of Documents Processed: In the Digital Access Model, tracking documents like sales orders, invoices, and purchase orders is essential. Each of these documents processed via third-party systems might incur indirect licensing costs.
  • Number of External Interfaces: Tracking how many systems interact with SAP through APIs or other interfaces gives insight into indirect usage.
  • Frequency of Access: Understanding how often third-party systems access SAP can help determine licensing costs. Systems that frequently interact with SAP could increase costs under transaction-based licensing models.

Frequency and Scope of Measurement

  • Frequency: Regular measurement is key. Companies should conduct usage assessments quarterly to ensure ongoing compliance, especially if new systems are being integrated or business processes are changing.
  • Scope: Measurement should cover all external systems interacting with SAP, including internal applications (e.g., custom-built tools) and third-party software. This helps ensure that all possible instances of indirect access are identified and appropriately licensed.

9. SAP Indirect Use and Integration Tools

SAP Indirect Use and Integration Tools

Indirect access often arises from how integration tools interact with SAP. Understanding these tools and managing compliance is crucial for effective indirect access management.

Overview of Common Integration Tools (e.g., APIs, Connectors)

  • APIs (Application Programming Interfaces): APIs are one of the most common integration tools, allowing different software systems to interact with SAP. For instance, an e-commerce platform might use an API to update SAP inventory levels.
  • Connectors: Tools like SAP Cloud Platform Integration (CPI) or Mulesoft connect different enterprise systems and SAP, facilitating data exchange.
  • Middleware: Middleware platforms like SAP Process Integration (PI) and Dell Boomi often handle data flows between SAP and other non-SAP systems. These integrations can lead to indirect access scenarios.

Licensing Requirements for Integration Tools
Every integration tool that interacts with SAP has potential licensing implications:

  • APIs: When third-party applications access SAP via APIs, they create indirect access. The volume of data exchanged or the nature of the transactions processed will determine licensing costs.
  • Connectors and Middleware: Connectors are typically categorized as indirect users of SAP. This means that the actions performed by the connector on behalf of a third-party system are subject to licensing fees.

Managing Compliance for Each Tool

  • Document Integration Points: Keep a record of all SAP integration points. This documentation helps during audits and ensures that every access point is properly licensed.
  • Evaluate Licensing Requirements Early: During the planning phase of any new integration, work with SAP to understand potential licensing needs. This helps prevent surprises during audits.
  • Regular Audits of Tools: Conduct audits of the integration tools used to interact with SAP. Compliant tools initially may require updated licenses as their scope of usage expands.

10. Case Studies in Indirect Access Disputes

Case Studies in Indirect Access Disputes

Learning from previous disputes can provide valuable insights into how SAP handles indirect access issues.

Analysis of Notable Cases

  • Diageo Case: Diageo faced a multi-million-pound lawsuit for using Salesforce to access SAP data without proper licensing. The ruling favored SAP, stating that even indirect access required adequate licensing. This case underlined the need to account for every instance of data interaction.
  • AB InBev: AB InBev had to settle a major dispute with SAP involving third-party logistics software interacting with SAP. They had not appropriately licensed indirect usage, leading to a substantial settlement cost.

Key Lessons and Best Practices

  • Transparency: Be transparent with SAP about all third-party systems interacting with SAP data.
  • Review All Contracts: Ensure all contracts and licensing agreements clearly outline usage rights, specifically indirect access.
  • Engage SAP Early: Engaging SAP in discussions before any third-party system integration can help negotiate more favorable terms and prevent legal disputes.

Understanding SAP’s Approach to Dispute Resolution
SAP proactively safeguards its licensing revenue, often resorting to legal action when indirect access is discovered without compliance.

Dispute resolution often involves negotiations and settlements, with SAP pushing for retrospective fees for indirect usage. Therefore, maintaining good communication with SAP and preemptively clarifying access rights are critical.


11. Mitigating Indirect Access Penalties

Mitigating Indirect Access Penalties

Indirect access penalties can be costly, but proactive strategies can help companies mitigate these risks.

Penalty Prevention Strategies

  • Regular Compliance Audits: Conduct quarterly audits to verify that all indirect access points are licensed correctly.
  • Limit External Integrations: The fewer the integrations, the lower the risk. Consolidate systems and limit the number of external interfaces whenever possible.
  • Use SAP-Approved Connectors: Where possible, use SAP-certified integration tools. These tools often have better compatibility and provide clearer licensing paths, reducing compliance risks.

How to Negotiate with SAP

  • Gather Usage Data: Gather accurate data on all indirect access points and related usage volumes before negotiating. SAP appreciates a clear understanding of how its systems are being used.
  • Propose Alternative Licensing Models: If the current licensing model results in high costs, negotiate for an alternative model, such as the Digital Access Model, which can sometimes lead to cost savings depending on your usage pattern.
  • Consider Long-Term Contracts: SAP might be more flexible with licensing fees if you commit to long-term agreements, which would provide predictability for both sides.

Building a Compliance-Centric Indirect Access Strategy

  • Training and Awareness: Train IT and business teams on what constitutes indirect access and how it impacts licensing. This ensures everyone in the organization understands compliance requirements.
  • Centralize Integration Planning: All SAP integrations should be planned and approved by a central team that understands licensing. This ensures a unified strategy and avoids ad-hoc integrations that could lead to non-compliance.
  • Leverage SAP Tools for Transparency: Use tools like SAP Solution Manager to monitor the system landscape, ensuring that every connection to SAP is tracked and licensed appropriately.

12. The Role of Digital Interfaces in Indirect Access

The Role of Digital Interfaces in Indirect Access

Digital interfaces play a crucial role in how systems communicate with SAP, often becoming key points of indirect access.

Correct use and management are vital to avoid licensing and compliance issues.

Types of Digital Interfaces: APIs, Connectors, Middleware

  • APIs (Application Programming Interfaces): APIs are popular tools for enabling systems to interact with SAP, such as allowing an external sales application to update data in SAP. They provide direct access to SAP data, which could lead to indirect access licensing issues.
  • Connectors: Tools like SAP Cloud Platform Integration (CPI) or other connectors facilitate the direct data flow between SAP and third-party applications, such as CRM systems. These connectors can trigger indirect access if third-party users manipulate SAP data.
  • Middleware: Middleware tools like SAP Process Integration (PI) or Mulesoft bridge various systems, enabling them to exchange information with SAP. Middleware simplifies integration but can also mask the visibility of access points, making it hard to track and manage compliance.

Their Impact on Licensing and Compliance
The way digital interfaces interact with SAP has a direct impact on licensing. For example:

  • APIs accessing data for non-SAP users may require separate licenses, depending on the nature and volume of transactions.
  • Middleware often aggregates data, making determining whether individual interactions fall under licensed access challenging. Unlicensed interactions can lead to compliance issues and penalties.
  • Connectors can result in additional licensing fees if they enable non-SAP users to manipulate SAP data indirectly without a proper license.

Best Practices for Managing Digital Interface Usage

  • Document All Interfaces: Keep a detailed list of all digital interfaces interacting with SAP, including their purpose and usage patterns.
  • Regular Monitoring: Use tools like SAP Solution Manager to track data flow and understand which interfaces access SAP data. This helps identify unlicensed usage before it becomes a compliance issue.
  • Work closely with SAP: Regularly review the interfaces and integrations with SAP representatives to ensure compliance with current licensing agreements.

13. Preventing Unauthorized Indirect Access

Preventing Unauthorized Indirect Access

Preventing unauthorized indirect access is essential for staying compliant and avoiding hefty penalties. Implementing preventive measures and tools is crucial for managing SAP environments effectively.

Strategies for Preventing Unlicensed Access

  • Set Clear Access Policies: Define specific policies on which systems and users can access SAP data, especially through third-party applications. Restrict unnecessary interactions to reduce compliance risks.
  • Role-Based Access Control (RBAC): Use RBAC to assign permissions only to those who require it. Limit the ability of external systems and users to interact with SAP data to minimize unauthorized access.
  • Regular Audits: Conduct frequent internal audits of all third-party integrations to ensure they comply with SAP’s licensing requirements.

Tools for Monitoring and Auditing Access Points

  • SAP GRC (Governance, Risk, and Compliance): SAP GRC can help monitor who is accessing SAP data and how to provide insights into compliance.
  • License Administration Workbench (LAW): This tool allows companies to assess SAP license utilization, including indirect access points.
  • SAP Solution Manager: Utilize Solution Manager for an overall view of all access points, allowing for better management and compliance tracking.

Building a Culture of Compliance within Teams

  • Training and Awareness: Educate employees on indirect access and why it matters. All team members, especially IT and operations, should understand the risks associated with unlicensed use.
  • Designate Compliance Champions: Assign specific individuals or teams to monitor compliance as a bridge between IT and management to ensure adherence to SAP licensing policies.
  • Continuous Review and Updates: Regularly revisit access policies, especially when new integrations or software upgrades are planned, to ensure they meet SAP compliance standards.

14. Licensing Costs with Third-Party Integrations

Licensing Costs with Third-Party Integrations

Managing licensing costs for third-party integrations can be challenging, but it is crucial to controlling overall IT expenses and staying compliant.

Identifying Cost-Intensive Integrations

  • High Transaction Volume Systems: Systems like CRM and e-commerce platforms that frequently interact with SAP often lead to higher licensing costs due to the number of transactions they process.
  • Custom Integrations: Custom-built applications that require frequent data exchange with SAP are often cost-intensive because they might involve complex data manipulation, which incurs additional licensing fees.

Budgeting for Third-Party Access

  • Plan for Growth: When budgeting, consider potential growth in transaction volume. Increased use of third-party systems often means increased SAP licensing costs.
  • Evaluate the Digital Access Model: Consider moving to SAP’s Digital Access Model. Instead of user-based licensing, this model charges based on the number of documents processed, which might lead to more predictable costs for some businesses.

Reducing Costs with Integration Management Strategies

  • Consolidate Interfaces: Reduce the number of systems directly interacting with SAP to lower licensing costs. Where possible, use fewer, more efficient integrations.
  • Negotiate Licensing Terms: Work with SAP to negotiate favorable licensing terms, particularly for heavily integrated environments. SAP may provide custom terms for companies with complex needs.
  • Review Integration Usage: Periodically audit third-party integrations to identify underused or redundant systems. Removing these systems can help reduce indirect access fees.

15. How to Defend Against Indirect Access Audits

How to Defend Against Indirect Access Audits

SAP audits can be stressful, especially involving potential indirect access violations. However, proactive preparation and effective defense strategies can significantly mitigate risks.

Preparing for an Audit

  • Maintain Comprehensive Documentation: Keep records of every third-party system integrated with SAP, the data exchanged, and the purpose of each integration.
  • Conduct Preemptive Internal Audits: Regularly audit your usage internally to identify any unlicensed access before SAP does. This will give you time to rectify issues and avoid penalties.
  • Understand Your Licensing Agreement: Be fully familiar with the details of your SAP licensing agreement, including clauses about indirect access. Knowing your rights and obligations can be a critical advantage during an audit.

Steps to Gather Documentation and Evidence

  • Document Each Integration: List each system that interacts with SAP, including the type of data exchanged and the frequency of interaction.
  • Log System Interactions: Maintain logs of all interactions involving SAP data. If questioned during an audit, this will provide clear evidence of compliant use.
  • Use SAP Tools for Monitoring: Tools like LAW and Solution Manager can help collect accurate data on system usage, essential for demonstrating compliance.

Negotiating Audit Results with SAP

  • Demonstrate Good Faith Efforts: If non-compliance issues are found, showing that you have taken steps to stay compliant, such as internal audits and proactive monitoring, can lead to more favorable outcomes.
  • Seek Retrospective Licensing Agreements: If unlicensed use is discovered, negotiate retrospective licensing agreements to cover past usage rather than paying penalties. This approach can often be less expensive.
  • Propose Changes to Licensing Terms: Use the audit process to negotiate updated licensing terms that reflect your organization’s actual use patterns. SAP may be willing to adjust terms to avoid future disputes.

16. SAP Indirect Access Lawsuits and Settlements

SAP Indirect Access Lawsuits and Settlements

Overview of Prominent Legal Cases (e.g., Diageo, AB InBev)
SAP has been involved in numerous high-profile lawsuits related to indirect access, with Diageo and AB InBev being among the most well-known cases.

  • Diageo Case: Diageo was penalized for using Salesforce to access SAP data without obtaining proper licenses. The court found that using external software to indirectly interact with SAP counted as indirect access, resulting in a significant financial settlement.
  • AB InBev Case: AB InBev faced a lawsuit due to third-party software interacting with SAP systems without proper licensing. They eventually had to settle the case for millions, highlighting the importance of understanding indirect licensing requirements.

Lessons Learned from Lawsuits

  • Clarify Contract Terms Early: Understanding licensing terms upfront can prevent disputes. Both cases emphasize the importance of reading the fine print and clarifying usage rights with SAP.
  • Document Integrations: Ensure all third-party integrations are documented and reported to SAP. Poorly documented or unchecked integrations often result in unauthorized access.
  • Engage with SAP Regularly: Communicating with SAP about planned integrations can help secure better licensing terms and prevent conflicts.

Proactive Measures to Avoid Similar Conflicts

  • Audit Integrations: Regularly audit all third-party software integrations to confirm compliance with SAP’s indirect access policies.
  • Negotiate Custom Terms: Companies can negotiate specific terms with SAP to avoid ambiguity, particularly if their setup involves complex third-party systems.
  • Use SAP-Certified Integrations: Wherever possible, use SAP-certified connectors or applications. This reduces the likelihood of misunderstandings about licensing requirements.

17. Best Practices for Indirect Access in Large Companies

Managing indirect access in large-scale environments requires well-defined policies, a focus on compliance, and effective management of diverse applications.

Policies for Large-Scale SAP Environments

  • Formalize Integration Policies: Create guidelines that dictate how third-party systems can connect to SAP. Clear policies help mitigate risks and avoid unauthorized access.
  • Centralized Integration Management: Centralize the management of all integrations to ensure a single point of control and monitoring. This makes it easier to monitor compliance and reduces risks.

Managing Access Across Diverse Applications

  • Segmentation of Systems: Segment systems based on their integration needs. Allowing essential applications to interact with SAP reduces exposure and potential compliance issues.
  • Role-Based Permissions: Implement Role-Based Access Control (RBAC) to ensure that only authorized users and applications can access SAP data directly or indirectly.

Creating a Compliance-First Culture for SAP Use

  • Training Programs: Educate employees and integration teams on the implications of indirect access and the costs involved. Compliance is easier when everyone understands the rules.
  • Continuous Compliance Monitoring: Use tools like SAP Solution Manager and GRC (Governance, Risk, and Compliance) to monitor compliance. Regularly update and review policies in response to changes in SAP licensing.
  • Internal Compliance Audits: Schedule regular internal audits to identify and resolve compliance issues before SAP audits occur. This proactive approach can save both time and money.

18. SAP Indirect Licensing in the Cloud

Cloud environments add new complexities to SAP indirect access. Companies need to understand how cloud integration affects their SAP licensing.

Cloud Considerations for Indirect Access

  • Virtual Environments: Running SAP in virtual or cloud environments can make indirect access difficult to track. APIs and cloud connectors must be properly licensed, as they often increase the number of indirect interactions.
  • Multi-Cloud Integrations: Many companies use multiple cloud platforms (e.g., AWS, Azure, Google Cloud) alongside SAP. Each integration represents a potential access point that needs proper licensing.

Navigating SAP Licensing in Hybrid Environments

  • Hybrid Licensing Models: Companies should review the compatibility of existing licenses in hybrid cloud and on-premises environments. Depending on whether the system is on-premises or in the cloud, different licensing terms may apply.
  • Track Data Movement: Monitor data movement between cloud-based and on-premises systems. Any data exchanged across environments might trigger indirect access requirements.

Best Practices for Cloud-Based SAP Systems

  • Use Cloud Connectors Wisely: Only use necessary cloud connectors and document each integration for compliance purposes.
  • Collaborate with SAP Early: Before moving to a cloud-based SAP system, engage with SAP to discuss how cloud usage will affect licensing. This helps prevent issues later.
  • Regular Monitoring: Cloud monitoring tools track usage and data flow between SAP and other cloud platforms. Identifying potential compliance issues early will save costs.

19. SAP Marketplace and Indirect Use Licensing

Using SAP Marketplace applications can also trigger indirect access licensing concerns. Companies need to navigate these potential pitfalls carefully.

SAP Marketplace Applications and Licensing Implications
SAP Marketplace provides various third-party applications that integrate with SAP systems. However, these integrations can inadvertently create indirect access scenarios. It’s important to review each application’s licensing requirements before deployment.

Ensuring Compliance When Using Marketplace Apps

  • Evaluate Licensing Terms: Before purchasing or integrating a Marketplace app, evaluate whether it will lead to indirect access and the associated licensing costs.
  • Document Use Cases: Document all use cases for SAP Marketplace applications and assess their impact on SAP data. This helps ensure that compliance requirements are understood and adhered to.

Monitoring and Managing Indirect Use

  • Continuous Monitoring: Tools like SAP Solution Manager can help continuously monitor Marketplace apps and identify how they interact with SAP data.
  • Regular Review: Review your Marketplace integrations to ensure they comply with the latest SAP licensing rules.

20. Reducing Costs of SAP Indirect Use

Indirect access costs can quickly escalate, but several strategies exist to control and reduce these expenses.

Techniques for Cost Reduction

  • Consolidate Integrations: Reduce the number of third-party systems interacting with SAP. Consolidation decreases the number of access points and, subsequently, potential licensing fees.
  • Use the Digital Access Adoption Program (DAAP): SAP’s DAAP allows companies to switch to document-based pricing, which can sometimes be more cost-effective than user-based pricing models. This is particularly beneficial for companies with high indirect access volumes.
  • Negotiate License Bundles: Negotiate for bundled licenses that include indirect access rights. This may reduce per-user or per-transaction costs.

Leveraging DAAP for Fairer Licensing Terms

  • Assess Document Usage: Evaluate the types and volume of documents processed through indirect access to determine whether the DAAP model fits well.
  • Negotiate Early: Engage SAP early about transitioning to DAAP. Early negotiations often yield better pricing and terms.

Budgeting and Planning for Future Access

  • Plan for Expansion: As third-party integrations grow, plan for the increased cost of indirect access. Budget for potential growth to avoid financial surprises.
  • Audit Usage Regularly: Conduct internal audits of indirect access usage to identify areas where costs can be cut, such as eliminating underused systems or transitioning to more cost-effective licensing models.

FAQ: SAP Indirect Access Licensing

What is SAP Indirect Access Licensing?
SAP Indirect Access Licensing refers to situations where third-party software accesses SAP data without a named user license, often resulting in additional costs.

How does indirect access impact my SAP licensing costs?
Indirect access can increase costs, as SAP charges for data use through external systems or applications, even if accessed indirectly.

What tools help measure indirect access?
Tools like SAP License Administration Workbench (LAW) and System Measurement Cockpit track and measure indirect usage of SAP systems.

Is using APIs considered indirect access?
If non-SAP systems use APIs to interact with SAP data, it is generally considered indirect access and may require proper licensing.

What are the consequences of unlicensed indirect access?
Companies that do not comply with SAP’s licensing policies for indirect access may face audits, financial penalties, or forced settlements.

How can companies prevent unauthorized indirect access?
To avoid unauthorized indirect access, define clear policies, use role-based access control, and limit integrations to essential systems.

How do I defend against an indirect access audit?
Prepare by gathering accurate documentation of all third-party integrations, conducting internal audits, and negotiating terms with SAP if issues are found.

What lessons can be learned from SAP indirect access lawsuits?
Proactively manage and document all third-party integrations to avoid disputes. Engage with SAP on licensing terms early to avoid misunderstandings.

How does cloud usage affect indirect access?
Cloud integrations add complexity, as virtual systems interacting with SAP data must still comply with indirect access licensing rules.

How do SAP Marketplace apps affect licensing?
Marketplace applications interacting with SAP can lead to indirect access scenarios, requiring compliance checks to avoid unlicensed use.

What strategies reduce SAP indirect licensing costs?
To reduce costs, consolidate third-party integrations, consider SAP’s Digital Access Adoption Program (DAAP), and negotiate custom licensing terms with SAP.

What is the Digital Access Adoption Program (DAAP)?
DAAP program allows companies to transition to document-based pricing for indirect access, which can sometimes be more predictable and cost-effective.

How do I ensure compliance for SAP indirect access in large companies?
Establish formal integration policies, centralize integration management, and conduct frequent compliance audits to ensure all access is licensed.

How can indirect access in SAP S/4HANA be managed?
In S/4HANA, the Digital Access Model can simplify licensing but requires understanding the number and types of documents processed by third-party systems.

Why is indirect access compliance important?
Ensuring compliance helps avoid unexpected costs and legal conflicts, keeps the organization within the bounds of SAP’s licensing requirements, and avoids potential penalties.

Author
  • Fredrik Filipsson

    Fredrik Filipsson brings two decades of Oracle license management experience, including a nine-year tenure at Oracle and 11 years in Oracle license consulting. His expertise extends across leading IT corporations like IBM, enriching his profile with a broad spectrum of software and cloud projects. Filipsson's proficiency encompasses IBM, SAP, Microsoft, and Salesforce platforms, alongside significant involvement in Microsoft Copilot and AI initiatives, improving organizational efficiency.

    View all posts