Change and release management
Data Migration
This makes the technical user the dialogue user and a login in the SAP system is unrestricted. So Johannes logs in with the known password of the RFC user in the production system. Thanks to very extensive permissions, it now has access to all sorts of critical tables, transactions, and programmes in production. With the identity of the RFC user Johannes starts with the technical compromise of the production system... RFC Security: All invented - or everyday threat? Whether a simple trim, altered biometric properties or an encapsulated technical user in the SAP system: the basis of the compromise is the same. A person uses a different identity to gain access and permissions to protected areas. Moreover, the evil in all three stories could have been prevented by pro-activity. When was the last time you thought about the security of your RFC interfaces? Can you say with certainty that all your technical RFC users only have the permissions they actually need? And do you know who exactly knows the passwords of these users? Can you 100% rule out that not now in this moment an SAP user with a false identity infiltrates your production systems? Change now: It's about pro activity! But before you start now and start looking for the "identity converter" (which I really do not recommend!), I suggest that you take root of evil and proactively strengthen your RFC security. So if you want to find out more, I have the following 3 tips for you: 1) Our e-book about SAP RFC interfaces 2) Clean up our free webinar about RFC interfaces 3) Blog post about our approach to optimising RFC interfaces As always, I look forward to your feedback and comments directly below these lines!
In order to have some advantage in terms of new SAP technologies, suitable PoCs (Proof of Concepts), research and pilot projects must be initiated to build know-how and evaluate boundary conditions or feasibility. Furthermore, this serves the evaluation of new business models by the underlying technology in collaboration with the respective business unit.
Double stack split
In addition to the optimisation potential of Security Automation, which I explained in more detail in my last post, the E-Learning division also offers numerous possibilities for automation. Since many companies are not yet making the most of these potentials due to a lack of knowledge about this particular form of knowledge transfer, I would like to address this in the following post. E-learning is also a form of automation that, if used correctly, brings many positive aspects. In the end, e-learning is a way to store know-how in a form that can be retrieved again and again. This means, of course, a certain initial effort for the creator, which nevertheless pays off more than if the quality is sufficient. What are the opportunities for a company to take advantage of e-learning? A company has several ways in which it can exploit and use the area of e-learning for itself. The fundamental question that should arise immediately after the decision to do so is whether the company creates the content itself or whether it relies on the content from external sources. Both have advantages and disadvantages, which I would like to explain in the following.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
SAP Basis is responsible for the smooth operation of programs in the SAP system. It acts like an operating system for R/3 and subsequent releases including S/4HANA. Every operating system provides an environment in which programs can run, such as MS Office on Microsoft Windows. In the same way, the SAP Basis system with the NetWeaver and HANA platforms provides an environment in which SAP programs can run. In this context, the NetWeaver platform itself relies on server operating systems such as Windows and Linux.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
The cause of the error can be found in the appropriate protocol, for example in the import or generation protocol.
So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.
A role concept according to best practice protects you from potential attacks within your SAP landscape.