SAP Basis PFCGMASSVAL Mass maintenance of authorization values - SAP Corner

Direkt zum Seiteninhalt
PFCGMASSVAL Mass maintenance of authorization values
DEVELOPMENT OF IT PRODUCT CATALOGUE AND DEFINITION OF IT PRODUCTS
By using a code scanner, it is now possible for every developer to scan for complex security patterns during the extended check of his program, which tell him whether he has built vulnerabilities into his program. These vulnerabilities are detected and can now be addressed in a workflow-driven process. Currently, there are two products that can support customers in the area of scanning their own SAP programs.

Cross-client tables can be modified. The control system of another, productive client can thus be undermined and undermined. Quite a lot of power! Did you also know that the SAP system provides a feature that deletes table change protocols (DBTA BLOG table) and that it is effective across all clients? If the table change logs have not been additionally archived via the BC_DBLOGS archiving object, traceability is no longer available. That way, every criminal act within your company can be beautifully covered up. Similarly, full access to batch management allows you to manage all background jobs in all clients with the permission. This allows you to delete old background jobs that have gone unauthorised. There are also some points to consider when managing print jobs. Typically, the following two SAP access permissions are enabled to protect print jobs: S_SPO_DEV (spooler device permissions) S_SPO_ACT (spooler actions). Why? Confidential information in print jobs is not protected against unauthorised disclosure. (Strictly) sensitive print jobs can be read unauthorised or redirected to external printers and printed out. Print jobs are unprotected unless additional SAP access permissions are enabled to protect print output. The print jobs are multi-tenant, which means that the authorisation award should also be well thought through at the point.
SPAM Support Package Manager
In order to ensure the necessary expertise both in the direction of application and application-related IT departments as well as in the direction of infrastructure units, the SAP basis should be divided into an infrastructure-related SAP basis and an application-orientated SAP basis. The infrastructure-based SAP basis acts as a contact level and point of contact for IT departments such as virtualisation, storage management and databases. The application-orientated SAP basis serves as the contact and coordination level for application-related topics. BUILDING OVERARCHING EXPERT TEAMS WITH SAP basis INVOLVEMENT To reduce organisational friction points as well as to optimally handle selected topics, it is recommended to set up expert teams with the participation of the SAP basis. These teams of experts can be virtually organised and therefore of temporary duration and consist of participants from all relevant IT disciplines or business areas. If the topic of the virtual group of experts is the focus of the SAP basis, the SAP basis will take over the management and control of the expert team.

The tasks described above, which occur at rather irregular intervals and involve a certain degree of complexity due to the lack of routine or process know-how, should be examined in order to determine whether they can be performed more efficiently by an external service provider. One question to be answered is whether it is necessary to keep the necessary knowledge in the company in order to be able to react faster than the external service provider. For example, for business critical systems. Security aspects should also be considered, as external persons gain access to the system. From now on, outtasking performance must be regularly monitored and checked for quality and documentation. A complete dependence on the external partner must not arise.

Tools such as "Shortcut for SAP Systems" complement missing functions in the SAP basis area.

If you have unsigned SAP hints, there is a risk that the notice has been changed unnoticed and malicious code will be added to your SAP system when you install the notice.

SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page: www.sap-corner.de.


It is recommended not to change the file name after downloading.
SAP Corner
Zurück zum Seiteninhalt