Concur Invoice Professional Edition Administration Help

October 2018 Request Professional Edition Admin Summary

Initial Post

Request

Data Retention: Change to Email Notification of Configuration Changes

With this release, the system will automatically email all users who have the Data Retention Administrator role or permission whenever changes are made to the data retention policy.

Prior to this change, only the admin who made the change received the 72-hour confirmation email.

Business Purpose / Client Benefit: This change provides greater visibility of configuration changes.

Email Infrastructure Change – Whitelist IP Addresses

SAP Concur is transitioning to a new email infrastructure for outbound emails from our products to SAP Concur users. Because of this, companies who filter inbound email based on the sending IP address must whitelist new IP addresses to ensure that their users receive email from SAP Concur.

The new IP addresses are not published publicly but they are available by contacting SAP Concur support. Please work with your email server management team to ensure any required whitelists for IP addresses are updated so that your users continue to receive SAP Concur emails without interruptions.

Updated Email Format

SAP Concur is in the process of updating the format of all email notifications. These changes will provide a fresher, consistent look and feel across all SAP Concur services. The change will be introduced gradually. Some users will see the updated format immediately; some will see it over the next few months.

Be aware that the email content has not changed – just the look and feel.

Business Purpose / Client Benefit: The intent is to provide a consistent, updated look for users.

SAP Concur Platform

Callout Server Requirements Update Completed

SAP Concur has upgraded the servers that support the SAP Concur Platform Callouts. This maintenance includes the Production Proxy Migration and PWS Server Migration to VM.

These servers support the following functionality:

  • Fetch Attendee Data Callout
  • Fetch List Item Callout
  • Event Notification Callout
  • Launch External URL Callout
  • Concur Salesforce Connector

Be aware that this maintenance means that for any customer callout URLs, SAP Concur has the following requirements:

  • The endpoint is secured with SSL/TLS.
  • The endpoint uses a minimum of TLS 1.0, but TLS 1.2 is preferred.
  • The endpoint must employ Diffie-Hellman cipher suites with key sizes >1024 bits.
  • Due to the ever-evolving world of SSL and standards, we do not publish a specific list of permitted cipher suites, but we generally advise that a modern industry supported list is utilised.
  • The endpoint must present an SSL certificate with a chain to a valid root that can be verified. If the chain cannot be verified without installing additional certificates, the calls from SAP Concur will fail.

Business Purpose / Client Benefit: This maintenance will mitigate the out-of-warranty issue with our current hardware.

Planned Changes

The items in this section are targeted for future releases. Concur reserves the right to postpone implementation of – or completely remove – any enhancement/change mentioned here.

**Planned Changes** Archive Deactivated User Data

As SAP Concur continues to grow, steps must be taken to enhance and improve the performance of our system so that we can meet customer expectations and the needs of their business.

Our overall goal is to significantly improve the performance of SAP Concur services by reducing the amount of data that is stored in our Production datastore. By reducing the data in the Production system, we can use server memory much more efficiently, which reduces processing time for transactions. For this reason, SAP Concur is developing an archive process for users who have been deactivated by their employers for at least three years. The archive process moves this "deactivated" user data from our Production datastore to a separate Reporting datastore.

Business Purpose / Client Benefit: Moving deactivated user data will provide faster processing time for transactions. In addition, it provides a more secure environment for inactive users' personal information.

IMPORTANT!

We are currently piloting the process and evaluating the results. Our goal is to ensure that customers are not negatively affected, that we have considered all pertinent scenarios and that the archiving process provides the desired results.

There is no target date for the implementation of this new process. We will announce via release notes well ahead of time.

**Planned Changes** Single Sign-On (SSO) Self-Service Option Coming to Concur

Single Sign-On allows users to access multiple applications using one set of login credentials. Currently, SAP Concur has two methods for signing in: with a user name and password or using SSO with identity provider (IdP) credentials, such as a user's login credentials for their organisation.

SAP Concur is planning to add a Manage Single Sign-On (SSO) feature to Concur that provides Concur clients with a self-service option for setting up SSO for their organisation. SSO is currently supported for Concur Expense, Invoice, Request and Travel.

Other SAP Concur products and services are outside the scope of this initial release.

The new Manage Single Sign-On (SSO) feature will be accessible from the Administration > Company > Company Admin page.

Business Purpose / Client Benefit: This feature provides Concur clients with a self-service option for setting up SSO.

Client Notifications

SAP Concur Non-Affiliated Subprocessors

The list of non-affiliated subprocessors is available here: SAP Concur list of Subprocessors (English Only)

Monthly Browser Certifications

Monthly browser certifications, both current and planned, are available with the other SAP Concur monthly release notes, accessible from What's New - Professional Edition