SMT1 Trusted - Trusting connections
SAP BASIS
We actively support you in the migration of operating systems and databases. The optimization of time-critical processes guarantees a smooth process.
SAP HANA has been one of the major topics in the SAP environment for the last few years. Many customers are currently faced with the question of whether or not to migrate your SAP system. In addition to the actual changeover itself, there are many other topics on which you should have already informed yourself in advance, as these influence the success of SAP HANA in your company. What do you already know about SAP HANA? I would like to encourage you to think about security in the following article. If you would like to learn about the architecture of HANA, I recommend a contribution from our colleagues at erlebe Software. SAP HANA Scenario But why are we even talking about HANA Security? Why is it so important to consider new security strategies with the new technology? With HANA it is possible to analyse data quickly. BW scenarios primarily benefit from the in-memory database (IMDB) used, as speed advantages in data access are particularly positive. Compared to a classic ERP / R3 scenario, the normal DB is replaced by HANA. The desired speed advantages result. However, migration is expected to be required for the changeover. This is caused by customer-specific developments in the system. HANA is not a further development of SAP ERP, HANA is the next stage of an ERP system. It is well known that an ERP system contains the capital of the companies. Therefore a new HANA system like all other ERP systems is also interesting for attackers. On the one hand, such a system contains the critical business data that are available for espionage. In addition, most business processes are mapped in such a system and offer an attack surface for sabotage. In addition, users do not initially know the new technology well. This also applies to administrators in the area of a new technology. Attackers quickly gain a dangerous leap of knowledge over these user groups. SAP HANA has a lot of new features, although many existing ones are used by SAP ERP, so there is a risk here.
Potential security risks in application processes in IDM systems
In practice, it is quite possible that the target specifications defined in the security concept do not match the current actual status. Therefore, especially with regard to SAP security, it must always be checked whether the necessary SAP basic settings also correspond to the minimum level. Although a manual check is possible, it is very time-consuming because the necessary regularizations have to be read, interpreted and technically implemented. The Security Architect - part of the Xiting Authorizations Management Suite (XAMS) software solution developed by Xiting - offers you the possibility to precisely examine the current status of the SAP Basis settings with the help of the integrated check mode, whereby it is also possible to check several systems via RFC, starting from a central system. The scope of the check of system settings and system security includes not only the SAP Basis settings presented here, but also other SAP Basis settings. The scope of the check mode can be extended by self-defined check IDs.
In the database, which is located on a database server, all data of a company is saved. Application programs pull the data they need from the database. This data can consist of data tables, applications or system control tables. In addition, the database also takes new information from users and backs it up.
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
To avoid problems, play all support packages as they are deployed.
In addition, the product strategy is changing, including that of SAP.