Maintenance and transport of application and system modifications
Application of support patches, upgrades and installation of add-ons
Creating the master role: Now maintain the permissions that are the same for all affected employees. In the example shown above, I assign the "findepartment_r" role as an example the "F-02" transaction authorisation.
A secure SAP system does not only include a good role concept. It is also necessary to check whether a user should (still) have a specific role. Regular verification of role assignment is called recertification. In this blog post, I'd like to introduce you to the need for recertifications and our own tool, EasyReCert. The need for recertification - scenarios: Example 1: The "apprentice problem" Imagine the following scenario: A new employee (e.g. apprenticeship or trainee) will go through various departments as part of his or her training and will work on various projects. Of course, an SAP User will be made available to your employee right at the beginning, which is equipped with appropriate roles. As each project and department passes, the employee repeatedly needs new permissions to meet the requirements. After the employee has successfully completed his or her induction and is now in a permanent position, he or she still has permissions that are not necessary to perform his or her duties. This violates the principle of "last privilede" and represents a potential security risk for your company. Example 2: The change of department The change of department is one scenario that probably occurs in every company. If a change of department does not automatically involve a complete reallocation of roles and the employee simply takes his old permissions with him, critical combinations of permissions can occur very quickly. For example, an employee who has permissions in accounts payable and accounts receivable violates the SoD ("Segregation of Duties") principle and poses a potential security risk to your company. Recertification as part of a revision: The two examples above show that a regular review of role allocation identifies potential security risks for your business and can be addressed.
CONSIDER WITH EXTERNAL SERVICES PROVIDERS
Today, "SAP Basis" often does not mean (only) the software architecture. Instead, the term is not infrequently a task description. This refers to the basic administration of the system: installation and configuration, resource management, maintenance and monitoring of a company's SAP setups. This can include user management, patch management and system monitoring. Backup policy, rights management and daily maintenance tasks are also responsibilities of Basis admins.
There was even a case where the SAP environment required a review of the data center power and cooling. At that time, the data center infrastructure had to be upgraded before we could even proceed.
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
For example, the key combination "ALT+0160" can be used to insert non-breaking spaces.
Install new version SAP GUI and Bex (BI Addon) The first step is to install SAP GUI and Business Explorer (Bex).