STAUTHTRACE System trace for authorization checks
OPERATOR (OP)
The tasks of a company's own SAP Basis department are currently undergoing enormous change, as SAP is also increasingly relying on cloud services. Strategically, completely self-hosted SAP systems are becoming rarer and the proportion of customers using an SAP system from the cloud is increasing. The new roles of SAP Basis employees tend to be "enablers" and coordinators between the cloud provider and internal IT and the business departments. Until that time comes, companies can also rely on external service providers to offer expert know-how as well as operational support for the transition period.
The implementation of a cross-sectional function will promote and safeguard the operation of the SAP systems that form the backbone of the company. By coordinating the SAP basis with other IT departments, the optimisation is always done in the overall context of the company or the IT organisation. Eliminating the separation of SAP and non-SAP topics in areas where it is considered useful will lead to expert groups and synergy effects through centralisation.
SICK SAP Installation Check
The operator is now responsible for ensuring smooth and safe operation in the SAP environment. It has a basic understanding of the infrastructure and is well connected within the IT departments. For his daily work he uses suitable tools (e.g. monitoring tools), in which he is trained and trained. In the future, the focus will be on reactive activities such as monitoring systems and processing notifications. The operator acts as a customer of SME-expression standardisation and automation as well as the SME-expression-solution manager. Also, the operational aspects of this role are suitable for outsourcing. However, the accountable parts remain in the company.
For example, many customer ABAP programs work by uploading or downloading data. There are potentially large security gaps here that allow access to server data. In addition, the widespread direct invocation of operating system commands that are not covered by a self-programmed authorization check is a major problem. Even though classic SQL injection, i.e., the entry of extended SQL commands, is a potential security vulnerability, it occurs rather rarely in SAP systems. More widespread is the unintentional dynamization of SQL calls because input parameters are not sufficiently checked. The need to check all in-house developments internally for such security vulnerabilities before they are delivered in SAP's own code has led to the development of the SAP Code Vulnerability Analyzer tool.
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
However, quite a few companies also offer to train employees to make them fit to work as SAP Basis Administrators.
To this end, we support you in all tasks related to planning, maintaining and updating the technological SAP basis.