DBCO Database connections
Understanding the structure and functionality of the system is especially important for IT administration. It's not for nothing that "SAP Basis Administrator" is a career field in its own right. Instead of data and application development, the focus here is on providing the software environment on which the company's tools are created. SAP Basis is therefore comparable to the server and platform infrastructure and its administration in companies - as distinct from application and web development.
In this article on SAP Security Automation I would like to take a look at the future of automated processes in the SAP Security area. For many companies, the topic of security automation still offers a lot of potential in terms of time savings and process optimisation. Our daily work environment offers numerous tasks that could be handled excellently automatically. For this reason, in this article I present two of the possibilities that already exist in the broad area of security automation. Security Automation via SAP Security Check The first option of Security Automation, which I want to introduce here, is the automatic verification of the existing permissions. Have you ever wondered who has critical permissions in your SAP system? And have you ever tried to do this by hand? Depending on the level of expertise and experience of the privilege administrator, this is a time-consuming work. If an audit is also announced and the SAP system is to be checked for critical permissions and segregation of duties, then it is very difficult to meet all requirements and secure the eligibility landscape in this respect. For this reason, various vendors provide solutions to automate the verification of the permission system with regard to critical permissions and segregation of duties using tool support. This allows permission administrators to use their valuable time to correct the errors rather than just looking for them. For example, we use a tool that runs through the verification of over 250 rules. We then get an evaluation of which rules are violated and which points are correct. A simple example of such rules is the use of the SAP_ALL profile. Another would be to grant the jump permission in debugging (S_DEVELOP permission object with the ACTVT = 02 field). These are two relatively simple examples of Security Check tools' rulebook. In addition, queries are also made, which are located in the field of Segregation of Duties. Using this tool allowed us to move from manual validation of critical permissions to an automatic process.
Figure 2: The Open Innovation Model
The decision to outsource a task or service should be taken not only in terms of cost, but also by assessing the competitive differentiation and strategic importance. Characteristics for describing the costs are the specificity of the task and the embossing by unit cost degression, i.e. decreasing costs with increasing number of tasks or performance. Of strategic importance are, in particular, those tasks and services which are difficult to imitate by competing companies. Figure 4 compares the strategic importance and cost advantages in order to arrive at fundamentally valid statements regarding the usefulness of outsourcing for certain IT tasks and services. In addition to this, as already discussed by Recommendation [A2], it is then worthwhile to establish a catalogue of criteria for evaluating and looking in detail at certain characteristics of the application or services. An exemplary catalogue of criteria can be found in chapter 9.6 of the Master thesis. Figure 4: IT Outsourcing Decision Matrix THE DECISION TO OUTSOURCE A TASK OR PERFORMANCE SHOULD BE MADE NOT ONLY IN TERMS OF COSTS BUT ALSO BY ASSESSING COMPETITION DIFFERENTIATION AND STRATEGIC IMPORTANCE.
These cloud resources are integrated with existing on-premises resources and deployments on Amazon Web Services, Microsoft Azure and Google Cloud Platform. The result is a branching web of connections that, in its entirety, creates the Enterprise Hybrid Cloud.
With "Shortcut for SAP Systems" a tool is available that greatly facilitates some tasks in the SAP basis.
This makes the technical user the dialogue user and a login in the SAP system is unrestricted.
What do RFC interfaces and RFC security have to do with the play "Hauptmann von Köpenick" and the science fiction film "Minority Report"? Probably more than you like! RFC security and theatre?! Germany, Berlin, 1906: The 46-year-old cobbler Wilhelm Voigt dreams of returning to a normal life.