SAP Basis Support Packages from the SAPNet - Load Web Frontend or Collection CDs - SAP Admin

Direkt zum Seiteninhalt
Support Packages from the SAPNet - Load Web Frontend or Collection CDs
Hybrid clouds
Practical experience at home and abroad has given us a proven view of heterogeneous system landscapes. This flows into our consulting as a further plus point and creates not only smooth functionality but also cost efficiency of your individual system landscape.

For example, many customer ABAP programs work by uploading or downloading data. There are potentially large security gaps here that allow access to server data. In addition, the widespread direct invocation of operating system commands that are not covered by a self-programmed authorization check is a major problem. Even though classic SQL injection, i.e., the entry of extended SQL commands, is a potential security vulnerability, it occurs rather rarely in SAP systems. More widespread is the unintentional dynamization of SQL calls because input parameters are not sufficiently checked. The need to check all in-house developments internally for such security vulnerabilities before they are delivered in SAP's own code has led to the development of the SAP Code Vulnerability Analyzer tool.

Some useful tips about SAP basis can be found on www.sap-corner.de.
The administration of SAP Basis
More security with less effort Internal employees often do not have the comprehensive know-how to know all relevant security risks. However, our security experts specialise in this. We use a standardised approach to determine your current security situation. Based on the analysis results, we show you where the security of your SAP systems can be improved and show you possible solutions. Focus your internal resources on your core business, while our experts will perform a customised audit on your SAP system to determine your security status. SAP Security Check - Our standardised approach (4-step model) Briefing: You register an interest in SAP Security Check. A consultant will contact you and discuss the details of the exam. They have the opportunity to clarify individual issues and to determine the focus of the security check. Data extraction: To ensure that your system is not affected by our audit, we export the relevant data manually or with the help of a data export tool. Analysis: Our security experts analyse the data, evaluate the results and prepare your report. Results: We will discuss the results of SAP Security Check with you. If safety deficiencies have been discovered, we will give recommendations for action on how to correct them. Optionally, you can ask our experts to solve your security risks in the short term. Your security risks become transparent Rapid assessment of your current SAP security status Detailed analysis and documentation Simple traffic light system enables overview of the results You can assess and prioritise the potential for danger for your company for every risk Know-how Transfer and recommendations for action You can easily communicate internally with the transparent and easily understandable final report You can close the relevant security gaps with our measures Optional: Eliminating security deficiencies Experts Our standardised approach enables us to assess the security of your SAP systems systematically and quickly. You do not need to build up authorisation expertise.

Customers with such a case regularly contact us. Creating a Permission Concept from the ground up is often a time-consuming task. Furthermore, the know-how, which aspects should be dealt with in an authorisation concept and how the corresponding processes can look practical and at the same time audit-proof is often lacking. Our solution: tool-based generation of an individual, written authorisation concept In this situation, we have recommended to our customers the tool-based generation of a written authorisation concept directly from the SAP system. We use the XAMS Security Architect tool, with which we have had good experiences. This includes a template for a revision-proof and comprehensible, written authorisation concept. It includes established best practices for role and entitlement management. The template covers all relevant areas in a permission concept. The included text of the authorisation concept is completely customisable, so that the concept can be tailored to your situation without creating a permission concept from scratch. Dynamically update the written authorisation concept One of the biggest challenges after the development of an authorisation concept is to keep it up to date in the long term and to measure the sustainable implementation in the system. This is achieved by integrating live data such as configuration settings and defined rules directly from the connected system. For example, lists of existing roles or user groups and tables are read from the system each time the document is generated and updated in the permission concept. The following screenshot shows an example of what the appearance in the concept document might look like. Automatically check and monitor compliance with the concept To check compliance with the concept, the XAMS Security Architect includes extensive inspection tools. These cover the rules formulated in the concept and are suitable for measuring the extent to which the reality in the system meets the requirements formulated in the concept.

Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.

However, sometimes two miners working on the longest chain find a new block at the same time.

The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.


This improves the capabilities of SAP HANA base administrators and increases the level of service they should provide.
Zurück zum Seiteninhalt