Security management, system audits, hardening and monitoring
SAP Basis Service
SAP HANA base administrators can master the database in a way that wasn't possible back then. The SAP database is much more self-healing. Errors do less damage, are easier to detect and fix, and are less likely to impact system performance and availability before they are fixed. Monitoring tools can automatically scan the application logs, identify potential errors, and even suggest fixes, making it much easier to get to the root of the problem.
For the authorisation requirement of a user, the transactions with user assignment already awarded should be determined accordingly, in order to be able to exclude them when selecting a suitable role. How does this work? There are various ways to identify specific user-assigned transactions, with varying degrees of result. The following article presents two variants. The first section first describes how to use SUIM to address the problem and what problems are encountered. It then explains how the task can be solved by using the transaction SE16N. As in the previous blog post Identifying all transactions of multiple roles, the roles Test_Schmidt1 and Test_Schmidt2 are used for this. Two of the transactions MM01, MM02, MM03 and MM04 were assigned to these roles in different ways. In the Test_Schmidt1 role, the transactions MM01 and MM02 were entered in the Role menu. In the Test_Schmidt2 role, the transaction MM03 was maintained in the menu of the role, but the transaction MM04 was maintained only in the S_TCODE permission object of the role. Both roles have been assigned to the user SCHMIDT_TEST. Identification of certain transactions with user assignment using SUIM This option is useful if only one transaction is to be checked for its existing assignment to a particular user. The audit is carried out here by means of the transaction SUIM. For this purpose, the variant "Roles according to complex selection criteria" has to be executed in the SUIM. After activating the option "With valid assignment of", the corresponding user and the transaction to be checked will be entered here. It is also recommended to hide the display of the collection roles in the search results.
Incident Management
Standardisation of SAP operations as well as SAP systems can be seen as a preparation for automation as well as for cloud, outtasking and outsourcing service forms. Therefore, in the whole context of standardisation and automation, a sequence of tasks and systems needs to be followed. To do this, it is necessary to first make a detailed documentation of the respective object, which also describes the IST state in detail. A standardisation strategy can then be developed, defined and implemented. Only then can we consider automation, outtasking, cloud, and outsourcing.
On www.sap-corner.de you will also find useful information about SAP basis.
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
In principle, exceptionally good knowledge of computer science is essential. In addition, SAP administrators must of course be particularly well versed in this specialist area and be able to deal confidently with all issues relating to SAP solutions. Since they often also work in international companies, it is an advantage if they have a very good command of written and spoken English.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
This includes the continuous monitoring and allocation of access possibilities as well as the systematic securing of functional separation (SoD - Segregation of Duties) in the IT systems.
The past ten years have primarily revolutionized the infrastructure and database layer.