System copy, system update, etc
SAPUI5 and Fiori
This makes the technical user the dialogue user and a login in the SAP system is unrestricted. So Johannes logs in with the known password of the RFC user in the production system. Thanks to very extensive permissions, it now has access to all sorts of critical tables, transactions, and programmes in production. With the identity of the RFC user Johannes starts with the technical compromise of the production system... RFC Security: All invented - or everyday threat? Whether a simple trim, altered biometric properties or an encapsulated technical user in the SAP system: the basis of the compromise is the same. A person uses a different identity to gain access and permissions to protected areas. Moreover, the evil in all three stories could have been prevented by pro-activity. When was the last time you thought about the security of your RFC interfaces? Can you say with certainty that all your technical RFC users only have the permissions they actually need? And do you know who exactly knows the passwords of these users? Can you 100% rule out that not now in this moment an SAP user with a false identity infiltrates your production systems? Change now: It's about pro activity! But before you start now and start looking for the "identity converter" (which I really do not recommend!), I suggest that you take root of evil and proactively strengthen your RFC security. So if you want to find out more, I have the following 3 tips for you: 1) Our e-book about SAP RFC interfaces 2) Clean up our free webinar about RFC interfaces 3) Blog post about our approach to optimising RFC interfaces As always, I look forward to your feedback and comments directly below these lines!
Every SAP system evolves over many years. It grows and changes with the company. The more functions are mapped in it and the more data is stored, the greater the importance of and dependence on this central ERP system. There is no such thing as a standard SAP Basis solution. It is developed individually with reference to the company.
System changeability and client settings
The marketing mix model is suitable for creating a marketing concept. This is usually divided into four pillars - the four Ps. These are Product, Price, Place and Promotion. In the case of services, this is often accompanied by the aspect of personnel policy. Although the marketing mix model is aimed at the external distribution of products and services, aspects of it can also be applied to an internal marketing of the SAP basis. For the design of the respective areas of the marketing mix, it is recommended to use a guide to develop a marketing concept. STEP 1: DEFINITION OF PERFORMANCE This step deals with the description of the services to be offered. Similarly, this step provides a categorisation of the type of service. These include, for example, the levels of secondary or primary service. With respect to the SAP basis, this step is concerned with product portfolio analysis and the creation of IT products and a product catalogue. STEP 2: OWN RESOURCES Subsequently, a determination of one's resources takes place. That is, it identifies the resources that are available and that can be used and the resources that need to be developed. Resources are people, objects, systems, knowledge, and funds. For the SAP basis, this step is an inventory. STEP 3: DETERMINATION OF THE OBJECTIVES The mission and vision of service providers will be determined in the framework of the setting of the objectives. It also sets measurable targets for the next three years.
Some useful tips about SAP basis can be found on www.sap-corner.de.
This is a general list. There are many other tasks that a basic consultant has to deal with. Every day you learn something new!
Tools such as "Shortcut for SAP Systems" complement missing functions in the SAP basis area.
However, it does not always make sense to use only automated test scripts.
So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.
Scheduling background jobs, job monitoring, job deletion, etc.