SMQR qRFC monitor (QIN schedule)
USE OF SECURE NETWORK COMMUNICATION
A secure SAP system does not only include a good role concept. It is also necessary to check whether a user should (still) have a specific role. Regular verification of role assignment is called recertification. In this blog post, I'd like to introduce you to the need for recertifications and our own tool, EasyReCert. The need for recertification - scenarios: Example 1: The "apprentice problem" Imagine the following scenario: A new employee (e.g. apprenticeship or trainee) will go through various departments as part of his or her training and will work on various projects. Of course, an SAP User will be made available to your employee right at the beginning, which is equipped with appropriate roles. As each project and department passes, the employee repeatedly needs new permissions to meet the requirements. After the employee has successfully completed his or her induction and is now in a permanent position, he or she still has permissions that are not necessary to perform his or her duties. This violates the principle of "last privilede" and represents a potential security risk for your company. Example 2: The change of department The change of department is one scenario that probably occurs in every company. If a change of department does not automatically involve a complete reallocation of roles and the employee simply takes his old permissions with him, critical combinations of permissions can occur very quickly. For example, an employee who has permissions in accounts payable and accounts receivable violates the SoD ("Segregation of Duties") principle and poses a potential security risk to your company. Recertification as part of a revision: The two examples above show that a regular review of role allocation identifies potential security risks for your business and can be addressed.
Examples of names are: SAP Cross-Application, SAP Innovation & Technology, SAP Services & Innovation, SAP Operations & Innovation or SAP Service Provider & Business Innovator. DESCRIPTION OF OWN PERFORMANCE AND SERVICE PORTFOLIO In order to be consulted by upstream or downstream entities, it is necessary to provide a detailed and understandable description of your service portfolio. This means that it can be explicitly stated in which cases the SAP basis needs to be contacted and involved in order to make the necessary decisions and not jeopardise a project or company success. In addition to the range of tasks covered by the SAP basis, it is also necessary to specify for which tasks and topics the SAP basis is not responsible. This recommendation is to be considered as universal and applies to all IT departments in order to clearly distinguish them and document the performance of their own IT organisation. INTERNAL MARKETING DESIGN AND ESTABLISH Building on the recommendation [A3], it is recommended to design and establish an internal marketing. The aim is to provide a transparent picture of the activities carried out in terms of the company's success and which are not visible to everyone.
Determination of specific transactions with user assignment using SE16N
The establishment of Software-Defined Data Centres or IaaS are the key to further flexibility and standardisation of SAP technology infrastructure. The concept of a Software-Defined Data Centre is to create an abstraction layer over the individual virtualised components, such as servers, networks or storage, that controls, controls, provisioning, and automates the entire infrastructure.
The consistent implementation of the role concept enables a manageable complexity of the tasks per employee. At the same time, through the respective SMEs, the concept creates expertise in specific topics and enables communication on an equal footing with upstream or downstream IT departments as well as with external service providers. The establishment of technology architects also ensures that the overall picture is not left out of sight in the context of the SAP product portfolio. Deficits can also be addressed on issues such as policies and security. Overall, the role concept provides guidance for the employees and their career planning as well as guidance regarding the range of tasks and contacts for IT departments and business areas.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
Therefore, a corresponding growth is associated with this interface task.
SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page: www.sap-corner.de.
An additional requirement in the future will be the understanding of company policy.