System Retirement
SAP Solution Manager
Application layer: The application layer is the core of an R/3 SAP Basis system. This layer communicates in both directions, to the presentation layer and to the database layer. The application programs on the application servers request the required data from the database layer, process it, prepare it for the user and pass it on to the presentation layer. Data that the user enters in the SAP GUI is passed on to the database via the application servers.
Daily checks are still commonplace for many SAP customers today; with Avantra, they are a thing of the past. These are manual checks that a bot can perform hundreds of times each day. Similarly, a bot can create incidents or notifications when something goes wrong.
DOCUMENTATION / ARCHIVING
A secure SAP system does not only include a good role concept. It is also necessary to check whether a user should (still) have a specific role. Regular verification of role assignment is called recertification. In this blog post, I'd like to introduce you to the need for recertifications and our own tool, EasyReCert. The need for recertification - scenarios: Example 1: The "apprentice problem" Imagine the following scenario: A new employee (e.g. apprenticeship or trainee) will go through various departments as part of his or her training and will work on various projects. Of course, an SAP User will be made available to your employee right at the beginning, which is equipped with appropriate roles. As each project and department passes, the employee repeatedly needs new permissions to meet the requirements. After the employee has successfully completed his or her induction and is now in a permanent position, he or she still has permissions that are not necessary to perform his or her duties. This violates the principle of "last privilede" and represents a potential security risk for your company. Example 2: The change of department The change of department is one scenario that probably occurs in every company. If a change of department does not automatically involve a complete reallocation of roles and the employee simply takes his old permissions with him, critical combinations of permissions can occur very quickly. For example, an employee who has permissions in accounts payable and accounts receivable violates the SoD ("Segregation of Duties") principle and poses a potential security risk to your company. Recertification as part of a revision: The two examples above show that a regular review of role allocation identifies potential security risks for your business and can be addressed.
On www.sap-corner.de you will also find useful information about SAP basis.
The master's thesis identified and examined in detail influencing factors such as technological trends and the SAP product strategy as well as the company-specific conditions. Several empirical studies were also carried out in the course of the work. If you are interested in the entire Master's thesis and are a DSAG member, you can read the document at info@dsag.de, headword: Master thesis SAP-Basis of Tomorrow, request.
For administrators, a useful product - "Shortcut for SAP Systems" - is available in the SAP basis area.
Your starting situation The ongoing changes in your IT systems lead to unrecognised security vulnerabilities and your auditors will regularly report to you in the final report on abuses in the authorisation concept.
A note box in which data of all kinds can be quickly filed and retrieved. This is what Scribble Papers promises. At first, the program looks very spartan. But once a small structure is in place, you realise the great flexibility of this little helper.
The correct name for this is as follows: The first three characters are the file extension of the two files you copied into the transport directory.