SAP HANA Cloud Platform (SAP HCP)
To configure the SAL, please use transaction RSAU_CONFIG (formerly SM19) as of SAP Release 7.50. It is recommended to activate the cross-user logging with minimum settings and to record all audit classes for users with extensive authorizations, such as SAP standard and emergency users. These settings should always be configured on a cross-client basis.
Of course, SAP administration is carried out by certified and experienced employees. This provides security for the SAP installations as well as for the sometimes quite complex update and upgrade projects.
SAP Basis and SAP Security Support on Demand at a fixed price
In the authorization environment, in addition to assigning authorizations to SAP users, there are a number of important SAP Basis settings that you should check regularly to ensure that your SAP system is fully protected, both internally and externally. For example, particularly in the context of an audit, it is important to ensure that changes to the SAP system always remain traceable. In this blog, I would like to show you how you can best implement this and what to look out for.
Why should we even have an individual SAP Security Check performed? Your SAP authorisation concept is designed to ensure the security and protection of data against unauthorised access and abuse. The technical complexity of SAP systems and the ongoing adaptations of business processes often lead to unknown security vulnerabilities. In addition, the increasing digital networking with business partners offers further attack points on your SAP system. SAP Security Check gives you an overview of the security situation of your SAP systems. This will identify potential risks that could jeopardise the safe operation of your IT landscape. Your starting situation The ongoing changes in your IT systems lead to unrecognised security vulnerabilities and your auditors will regularly report to you in the final report on abuses in the authorisation concept. The legal requirements (e.g. EU guidelines) to secure your business processes and IT systems have not yet been implemented and the increasing networking with business partners presents new challenges to your security system. The security-related system settings and permissions settings applied to your SAPS systems are poorly documented, which in many cases causes the system settings to allow extensive critical access unchecked. Critical SAP permissions, profiles, and roles identify permissions that allow critical operations to be performed in terms of security or from a legal or business perspective are called "critical permissions" by SAP. The granting of critical allowances must therefore generally be carried out with particular care and should therefore be planned in advance. Technical and organisational measures and processes must then ensure that the desired level of safety is implemented.
Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".
This first distinguishes between dialogue and non-dialogue work processes.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
The basic SAP Basis operation includes the operational readiness of the SAP system, management of system changeability, configuration and administration of system profiles, analysis of system failures, operation and monitoring of technical interfaces, scheduling and monitoring of SAP standard jobs, and much more.