SWI2_DIAG Access to work item analysis (SWI2)
On the one hand, staff clerks (or other personnel officials) should be able to carry out their important work. On the other hand, the protection of personal data of one's own employees is one of the most important tasks of the authorisation system. Any mistake in this area can cause the company's data protection officers to wring their hands over their heads. For this reason, tools are currently being developed to provide security and visibility in the HR permissions area. The basic idea is a clear overview that shows which data certain users in the SAP system can access. Based on this, automatic checks can be developed, which run in the background and regularly check whether critical gaps have been created by changes to the permissions in the HR area. The use of such a tool can create more security, especially in the HR authorisation environment. In addition, the possibility of the overview function is very pleasant and relieving for all involved. Read more This blog post is intended to show what is already possible in the field of Security Automation. The topic will accompany us more and more in the SAP area in the next few years. Therefore, it is recommended to start thinking about how your company is prepared for security automation. If you are interested in setting up and preparing a company outside the security area, I can recommend the book 'Consulting Y' by Ferdinando Piumelli (Managing Director of mindsquare GmbH). In this book, Mr. Piumelli describes his observations and experiences of digital transformation as a strategy consultant for leading DAX30 companies. In doing so, he is focusing on the near future, which, in the spirit of the digital revolution, will have a major impact on the world's large companies and economy.
User name without restrictions - critical? Depending on the release of the SAP_BASIS component in your system, invisible special characters may end up in the user name. This is especially critical if only spaces or alternate spaces are used for the user name when creating a new user. In Unicode systems, "alternative" spaces, so-called "wide spaces", can be used in addition to the normal space character (hexadecimal value 20). For example, the key combination "ALT+0160" can be used to insert non-breaking spaces. If a user is now created whose user name consists exclusively of such alternative spaces, this can be confusing. This is because entries for this user ID do appear in change documents, but the impression is created that the entry was created by a non-existent / deleted user. This circumstance can lead to confusion. In addition, certain special characters in the user name can also lead to errors, for example in the Change and Transport System (CTS). This is because the user name is also used in the CTS-ORG to create a file with the same name in the transport directory. Furthermore, there are letters/characters that look identical in different alphabets, but have a different hexadecimal value in the character set. This means that confusion in user names cannot be completely ruled out. Seemingly identical user names then stand for different users.
The area of expertise of an SAP Basis Admin should include:
In addition to proactive monitoring to prevent possible errors or even complete system failures, our SAP Basis team also implements clearly defined authorization concepts. So that unauthorized persons cannot access important data and your employees are protected from unintentional violations.
The SAP basis is often perceived as a brake within projects or when introducing new technologies. This is partly due to the late consultation of the SAP basis on the issues of technical feasibility as well as the integration of new technologies and applications into the existing system landscape. By implementing the recommendations, the SAP basis is repositioning itself in parts within the IT organisation. The SAP basis has a clearly defined self-understanding (inward-looking perception) as well as a clear positioning and a defined task area within the IT organisation (outward-facing perception), as shown in Figure 5. By integrating the SAP basis into the development of the IT strategy, the digitisation strategy and a clear communication with the CIO, the SAP basis has the opportunity to deal with technologies and topics at an early stage. As a result, the SAP basis is prepared for requests from business units or other IT departments and has the opportunity to approach them proactively. The SAP basis is supported by an IT service and IT product catalogue, which describes the scope of the SAP basis. For internal communication and communication with external service providers, as well as other suppliers, outsourcing partners or outsourcing partners and cloud service providers, there are up-to-date and meaningful documentation and process descriptions. For the control, measurement and monitoring of external partners, Service Level Agreements and meaningful key figures are also available.
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
In this case, it refers to the management and control of SAP systems via various administration and monitoring tools.
The role of the SME describes an expert in a particular field, such as SME databases or SME-SAP-HANA, in the context of SAP products and is gaining in importance due to new technologies and thematic areas.