Virtualization of your entire SAP system landscape (some companies additionally operate an SAP HCM system, for example, which also needs to be virtualized)
Cloud
Customers with such a case regularly contact us. Creating a Permission Concept from the ground up is often a time-consuming task. Furthermore, the know-how, which aspects should be dealt with in an authorisation concept and how the corresponding processes can look practical and at the same time audit-proof is often lacking. Our solution: tool-based generation of an individual, written authorisation concept In this situation, we have recommended to our customers the tool-based generation of a written authorisation concept directly from the SAP system. We use the XAMS Security Architect tool, with which we have had good experiences. This includes a template for a revision-proof and comprehensible, written authorisation concept. It includes established best practices for role and entitlement management. The template covers all relevant areas in a permission concept. The included text of the authorisation concept is completely customisable, so that the concept can be tailored to your situation without creating a permission concept from scratch. Dynamically update the written authorisation concept One of the biggest challenges after the development of an authorisation concept is to keep it up to date in the long term and to measure the sustainable implementation in the system. This is achieved by integrating live data such as configuration settings and defined rules directly from the connected system. For example, lists of existing roles or user groups and tables are read from the system each time the document is generated and updated in the permission concept. The following screenshot shows an example of what the appearance in the concept document might look like. Automatically check and monitor compliance with the concept To check compliance with the concept, the XAMS Security Architect includes extensive inspection tools. These cover the rules formulated in the concept and are suitable for measuring the extent to which the reality in the system meets the requirements formulated in the concept.
To establish the new and changed roles in one's own company, it is necessary to create incentives. This applies in particular to specialised roles. Incentives could include, for example, the offer to attend selected SME congresses, the setting of a career path, training and monetary incentives. The new roles also provide increased visibility and participation in company decisions.
SM04 Evaluate user sessions
Setting up Client certificate for access to SAP ONE Support Launchpad This week it was again: The Client certificate for SAP Support has expired. Who wonders how I can set up the client certificate in the browser? Here is the instructions against password-pop-up terror. Short and painless. Launchpad Call Personalisation SAP Passport Add Kachel to the Home Group View Kachel in My Home Create SAP Passport Certificate (with S-Users password) Download Certificate Open and Import Certificate Close Browser Then. If you (like me) have been looking for this feature for a long time, I'm glad to have a short ping in the comment.
In order to reduce the complexity of the SAP basis operation and to accelerate and simplify the tasks of the SAPBasis and to create free capacities, standardisation and automation of the existing activities is required. Details can be found in chapters 7.7 and 9.5 of the Master's thesis.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
For example, it ranges from an unnoticed reading of purchase and sales figures, a diversion of funds, to a paralysis or manipulation of the entire system.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
However, tools are available that automatically check for critical permissions.