Ensuring secure administration
Lock Inactive Users
Security notes correct vulnerabilities in SAP standard software that can be exploited internally or externally. Use the System Recommendations application to keep your systems up to date. SAP software is subject to high quality assurance standards - however, security vulnerabilities may occur in the code. These vulnerabilities can, in the worst case scenario, open the door to external and internal intruders. It is not difficult to find guidance on exploiting these vulnerabilities in relevant internet forums. A permission concept is only as good as the code that performs the permission checks. If no permission check occurs in your code, the permission concept cannot restrict access. For these reasons, SAP has introduced Security Patch Day (every other Tuesday of the month), which will allow you to better plan for implementing the security advisories. In addition, you can use the System Recommendations application in the SAP Solution Manager to get a detailed, cross-system overview of the security advice you need. The system status and the SAP hints already implemented are taken into account. With this support, ensure that your system landscape is at the current security level.
Each pass of the profile generator collects all the permission suggestions from the SU24 transaction to a transaction added through the role menu of the single role and checks the permissions to be added to the permission list. The following effect is to add transactions to a role when the added transaction is announced through the role menu of the role and various criteria are met.
A complicated role construct
Thus, after evaluation, you can select all SAP hints with the status to implement and load directly into the Note Assistant (transaction SNOTE) of the connected system. This is only possible for a development system and if the SAP Solution Manager can use an appropriate RFC connection to the connected system. You should also consider the security advisories that apply to applications that are installed on your system but that you do not use productively. These vulnerabilities can also be used for an attack.
The ABAP authorization concept protects transactions, programs and services in SAP systems against unauthorized access. Based on the authorization concept, the administrator assigns authorizations to users that determine which actions a user is allowed to perform in the SAP system after logging on to the system and being authenticated.
The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".
Only seven lines are displayed in the dialogue box to maintain field values to properties in transaction PFCG.
Access to personal data in a company is a sensitive issue.