Cloud
SM30 Table maintenance
Through a sound expertise in the SAP technology environment, it is recommended to bring the know-how of the SAP basis into the IT strategy and IT roadmap. For this, the responsibility lies primarily with the CIO as the carrier and responsible of the IT strategy and the IT organisation. Likewise, the SAP basis should serve as a sparring partner for individuals and boards (such as enterprise architects) that significantly influence the strategy.
If all tasks considered to be an interface theme are supported by the SAPBasis, this means a very wide range of tasks. Here it is necessary not to overwhelm the own employees within the SAP basis and to keep the complexity of different topics and technologies manageable per capita. Therefore, a corresponding growth is associated with this interface task. This recommendation is general and does not apply only to the SAP basis.
SAP Basis Service
An important area of SAP Security is the analysis of the customer's own SAP programs, which are classically written in the proprietary SAP language ABAP. Here, too, as in all programming languages, security vulnerabilities can be programmed - whether consciously or unconsciously. However, the patterns of security vulnerabilities in ABAP code differ from those in Java stacks or Windows programs. The goal of these conventional programs is usually to either crash the program (buffer overflow) or to artificially execute the program's own code (code injection). Both is not possible in ABAP, since a crash of a process causes nothing else than the creation of an entry in the log database (Dump ST22) and a subsequent termination of the report with return to the menu starting point. So a direct manipulation as in other high level languages or servers is not possible. However, there are other manipulation possibilities.
If all financial and sales activities as well as production, logistics and the personnel administrators run via one system, measures must be taken to ensure reliable functioning on the one hand and to protect the system internally and externally on the other. Due to the long history, the increased availability requirements often do not match the actual protection measures, so that security risks often arise at this point.
With "Shortcut for SAP Systems" a tool is available that greatly facilitates some tasks in the SAP basis.
The website www.sap-corner.de offers many useful information about SAP basis.
Access to it is provided by the class methods of the CL_PERS_ADMIN class.
We have resources that have been active in this environment for many years and have gained extensive experience.