SAP Basis business benefits
SU25 Profile generator: upgrade and initial installation
The default value of the profile parameter is 1, so the weak hashes are generated for each user. Preventing weak password hashes The generation of unsafe hash values can be prevented by setting the login/password_downwards_compatibility profile parameter to 0. Note that a change only takes effect when the instance is restarted!
A secure SAP system does not only include a good role concept. It is also necessary to check whether a user should (still) have a specific role. Regular verification of role assignment is called recertification. In this blog post, I'd like to introduce you to the need for recertifications and our own tool, EasyReCert. The need for recertification - scenarios: Example 1: The "apprentice problem" Imagine the following scenario: A new employee (e.g. apprenticeship or trainee) will go through various departments as part of his or her training and will work on various projects. Of course, an SAP User will be made available to your employee right at the beginning, which is equipped with appropriate roles. As each project and department passes, the employee repeatedly needs new permissions to meet the requirements. After the employee has successfully completed his or her induction and is now in a permanent position, he or she still has permissions that are not necessary to perform his or her duties. This violates the principle of "last privilede" and represents a potential security risk for your company. Example 2: The change of department The change of department is one scenario that probably occurs in every company. If a change of department does not automatically involve a complete reallocation of roles and the employee simply takes his old permissions with him, critical combinations of permissions can occur very quickly. For example, an employee who has permissions in accounts payable and accounts receivable violates the SoD ("Segregation of Duties") principle and poses a potential security risk to your company. Recertification as part of a revision: The two examples above show that a regular review of role allocation identifies potential security risks for your business and can be addressed.
Hosting of the SAP systems
For more information about the lowest support package level for SAP ABA and SAP Basis to install an SAP Basis Plug-In, see the SAP Service Marketplace. For more information about the lowest support package level for the corresponding SAP R/3 plug-in, see the SAP Service Marketplace. This level depends on the release of SAP R/3 or SAP R/3 Enterprise.
All topics are relevant, which may also be of interest to a customer. Ideally, you get a balanced communication structure in the communication triangle between marketing, the target group and your own employees. Internal communication is an important aspect for the SAP basis. It is primarily a matter of passing on or communicating your own services, IT products and positioning to your employees. STEP 10: PLANNING The planning provides a translation of the previously agreed definitions into concrete measures. A description of the measure shall be provided. The measures can now be scheduled and included in a cost overview. Above all, it is important to plan realistically and to consider dependencies. This step, too, is of great interest to the SAP basis and is necessary to translate the previously agreed specifications into a concrete marketing concept of the SAP basis.
"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.
No test management Quite simple.
The SAP basis requires a separation layer to upstream and downstream IT departments, which is clearly defined.