Basis administrators often have basic ABAP knowledge, for example, and ABAP developers know the basics of SAP Basis. Nevertheless, the two fields of activity are usually organizationally separated in the company.
Why should we even have an individual SAP Security Check performed? Your SAP authorisation concept is designed to ensure the security and protection of data against unauthorised access and abuse. The technical complexity of SAP systems and the ongoing adaptations of business processes often lead to unknown security vulnerabilities. In addition, the increasing digital networking with business partners offers further attack points on your SAP system. SAP Security Check gives you an overview of the security situation of your SAP systems. This will identify potential risks that could jeopardise the safe operation of your IT landscape. Your starting situation The ongoing changes in your IT systems lead to unrecognised security vulnerabilities and your auditors will regularly report to you in the final report on abuses in the authorisation concept. The legal requirements (e.g. EU guidelines) to secure your business processes and IT systems have not yet been implemented and the increasing networking with business partners presents new challenges to your security system. The security-related system settings and permissions settings applied to your SAPS systems are poorly documented, which in many cases causes the system settings to allow extensive critical access unchecked. Critical SAP permissions, profiles, and roles identify permissions that allow critical operations to be performed in terms of security or from a legal or business perspective are called "critical permissions" by SAP. The granting of critical allowances must therefore generally be carried out with particular care and should therefore be planned in advance. Technical and organisational measures and processes must then ensure that the desired level of safety is implemented.
The basics of Basis Administration
People tend to forget how important this element of the architecture is. The setup involved often proves to be especially important for companies looking to implement the SAP system for the first time.
Inheritance Hierarchy with Master Roles and Associated Roles If you have created multiple derived roles, a simple overview of all "related" roles can be convenient. To do this, call any derived role, or the master role, and then click the "Inheritance Hierarchy" button. You will now get a detailed overview of which roles are assigned to which master role.
Tools such as "Shortcut for SAP Systems" complement missing functions in the SAP basis area.
They have the opportunity to clarify individual issues and to determine the focus of the security check.
Note that the use of the security check feature for custom code separation is licensed and incurs additional costs.