Job Management Concept
Advantages of SAP Basis Support
If all financial and sales activities as well as production, logistics and the personnel administrators run via one system, measures must be taken to ensure reliable functioning on the one hand and to protect the system internally and externally on the other. Due to the long history, the increased availability requirements often do not match the actual protection measures, so that security risks often arise at this point.
PROJECT HISTORIES: THE SAP basis OF TOMORROW An entry in the Forum Infrastructure and Operations within the DSAGNet drew attention to the problem of the SAP basis as described above. This led to a lively discussion, which attracted a lot of interest from the members of the DSAM. Building on the interest and need for action of the member companies, a project was initiated by the DSAG as well as by the SAP, which should deal with the future of the SAP basis. Several companies were invited to participate and their willingness to participate actively was questioned in a DSAG survey. The first project meeting took place within the framework of the DSAG Annual Congress in Bremen in 2015. As a result, regular events took place at the SAP office in Freiberg am Neckar and St Leon-Rot, with the participation of up to 15 companies. In the project "the SAP basis of Tomorrow", current questions of the companies as well as the question of the SAP basis of the future were discussed and worked out with regard to the IT landscape, processes and organisational structure. A master's thesis was initiated to document and prepare the results as well as to examine the topic in scientific terms in parallel with the project. This was made at the University of Applied Sciences Würzburg-Schweinfurt as part of the Master's programme in Information Systems with Prof. Dr. Karl Liebschnitel and submitted for evaluation at the end of March 2016.
SARA Archive Administration
In order to make a transaction in cryptocurrencies, you do not have to let your bank know about it as you would for "normal" money, but you have to use the Private Key to prove that you own the coins. The transaction looks like a piece of the puzzle. Half of the puzzle piece consists of information about the coin set, time and public address of the sender or receiver. The other half is the signature of the private key belonging to the sent public address. Both halves make this piece unique. Changing only one piece of information would completely change the whole transaction or the appearance of the puzzle piece. This transaction is transferred to the network or to the miner and is checked for correctness first. If everything fits, the transaction will be sent to other miners who will do the same. Otherwise, the transaction is ignored. Miners try to integrate the transactions into a block. This is called mining and we have described it so that the miners put the puzzle pieces together into a puzzle (block). A small part of a block to be integrated follows from the block that was previously mined. If all miners accept the correctness of a completed block, they will all work the next one immediately. The puzzle (block) is fixed and is irrevocably connected to the block before or after. The blocks form a chain and are called blockchain, which contains all the transactions that have ever been made and is visible and unchangeable by everyone. In doing so, blockchain replaces a central institution and avoids double-spending, which ultimately gives value to a cryptocurrency. Smart Contracts The biggest advance compared to Bitcoin and similar applications is that second-generation blockchains, such as Ethereum, use the so-called Turing-Complete script language Solidity. This enables calculations to be made within the blockchain. While Bitcoin allows only rudimentary multi-signature functions, Ethereum opens the door to much more complex operations called smart contracts. Smart contracts are contracts in which a decentralised blockchain ensures their unchangeability and execution.
A secure SAP system does not only include a good role concept. It is also necessary to check whether a user should (still) have a specific role. Regular verification of role assignment is called recertification. In this blog post, I'd like to introduce you to the need for recertifications and our own tool, EasyReCert. The need for recertification - scenarios: Example 1: The "apprentice problem" Imagine the following scenario: A new employee (e.g. apprenticeship or trainee) will go through various departments as part of his or her training and will work on various projects. Of course, an SAP User will be made available to your employee right at the beginning, which is equipped with appropriate roles. As each project and department passes, the employee repeatedly needs new permissions to meet the requirements. After the employee has successfully completed his or her induction and is now in a permanent position, he or she still has permissions that are not necessary to perform his or her duties. This violates the principle of "last privilede" and represents a potential security risk for your company. Example 2: The change of department The change of department is one scenario that probably occurs in every company. If a change of department does not automatically involve a complete reallocation of roles and the employee simply takes his old permissions with him, critical combinations of permissions can occur very quickly. For example, an employee who has permissions in accounts payable and accounts receivable violates the SoD ("Segregation of Duties") principle and poses a potential security risk to your company. Recertification as part of a revision: The two examples above show that a regular review of role allocation identifies potential security risks for your business and can be addressed.
"Shortcut for SAP Systems" makes it easier and quicker to complete a number of SAP basis tasks.
It is recommended to use only one automation tool (SAP Solution Manager or SAP LVM).
In addition, they shall have the possibility to access the SE37 and execute functional modules there.