RFC Security, Science-Fiction and Theatre
SAP ALE
In order to reduce the complexity of the SAP basis operation and to accelerate and simplify the tasks of the SAPBasis and to create free capacities, standardisation and automation of the existing activities is required. Details can be found in chapters 7.7 and 9.5 of the Master's thesis.
In the case of client settings, you should ensure that the production client is protected against overwriting and that changes are only approved via the transport management system (TMS) to ensure traceability. In the interests of system security, changes to repository and client-independent objects should also not be permitted. The use of eCATT and CATT should also be at least restricted, as allowing them can lead to significant database changes.
Default Scenario
What are the requirements and benefits of a modern identity management system (IDM) in the GRContext and what should be taken into account in application processes? Modern companies need to be able to effectively control their employees' access and system permissions to ensure optimal corporate control and monitoring. This need can also be inferred from legal requirements. IDM is the user and permission management within an organisation. These systems are an essential part of the internal control system. This includes the continuous monitoring and allocation of access possibilities as well as the systematic securing of functional separation (SoD - Segregation of Duties) in the IT systems. This is primarily intended to better manage relevant business and financial risks and to prevent criminal acts. The management of user and permission structures must ensure that, when the roles and responsibilities change, the privileges of the employees concerned in the systems are adjusted. Failure to do so will result in a multi-department employee having extensive privileges that can be critical in combination. Trust is good, control is better In order to avoid employees being entitled beyond your area of competence, user data and permissions must be continuously adjusted to the current requirements. It therefore makes sense to regularly carry out a recertification process in which the role owner and the manager sign off in compliance with the four-eye principle that the employee is entitled to the current privileges or may have to be deprived of rights from previous activities. Provisioning as a central function of the IDM Provisioning components form a central function of IDM systems, which provide users with individual access rights for the required IT resources according to their task.
Daily checks are still commonplace for many SAP customers today; with Avantra, they are a thing of the past. These are manual checks that a bot can perform hundreds of times each day. Similarly, a bot can create incidents or notifications when something goes wrong.
The "Shortcut for SAP Systems" tool is ideal for doing many tasks in the SAP basis more easily and quickly.
SAP Basis refers to the administration of SAP system that includes activities like installation and configuration, load balancing, and performance of SAP applications running on Java stack and SAP ABAP. This includes the maintenance of different services related to database, operating system, application and web servers in SAP system landscape and stopping and starting the system. Here you can find some useful information about SAP Basis: www.sap-corner.de.
Migration to the Cloud Platforms.
A very good example are frequently used web applications that represent something new in the SAP area.