SAP Applications
Implementation of security updates, patches and enhancement packages
A secure SAP system does not only include a good role concept. It is also necessary to check whether a user should (still) have a specific role. Regular verification of role assignment is called recertification. In this blog post, I'd like to introduce you to the need for recertifications and our own tool, EasyReCert. The need for recertification - scenarios: Example 1: The "apprentice problem" Imagine the following scenario: A new employee (e.g. apprenticeship or trainee) will go through various departments as part of his or her training and will work on various projects. Of course, an SAP User will be made available to your employee right at the beginning, which is equipped with appropriate roles. As each project and department passes, the employee repeatedly needs new permissions to meet the requirements. After the employee has successfully completed his or her induction and is now in a permanent position, he or she still has permissions that are not necessary to perform his or her duties. This violates the principle of "last privilede" and represents a potential security risk for your company. Example 2: The change of department The change of department is one scenario that probably occurs in every company. If a change of department does not automatically involve a complete reallocation of roles and the employee simply takes his old permissions with him, critical combinations of permissions can occur very quickly. For example, an employee who has permissions in accounts payable and accounts receivable violates the SoD ("Segregation of Duties") principle and poses a potential security risk to your company. Recertification as part of a revision: The two examples above show that a regular review of role allocation identifies potential security risks for your business and can be addressed.
SPAM/SAINT updates (SPAM update) provide updates and improvements to SAP Patch Manager and SAP Add-On Installation Tool. There is always one SPAM update per review that will be updated over time. The version can be found in the short description, e.g.: SPAM/SAINT update - version 4.6A/0001 A SPAM update always comes first in the list of support packages in the SAPNet - R/3 frontend, i.e. before the other support packages. We recommend that you always install the latest version of a SPAM update before installing Support Packages. Prerequisites You can successfully commit a SPAM update only if there are no broken support packages in the system. If there are cancelled support packages, a dialogue box will alert you. You have two options: You will first complete the queue and then the SPAM update. You reset the status of the queue, play the SPAM update first and then the queue. You can reset the status of the Queue by using the Add Status Reset Queue. Note that your system is inconsistent when you reset the queue after objects have already been imported (for example, after an error in the DDIC_IMPORT step and following). Therefore, you should only reset the queue if DDIC_IMPORT was cancelled before the step. For more information, see Steps of the SPAM [page 26]. Note that starting with SPAM/SAINT version 11, it is no longer possible to reset the queue after the DDIC_IMPORT step and following. How to Check if the SPAM update you are offering is newer than the one you are receiving. The current SPAM version appears in the title bar of the SPAM window. To play the latest SPAM update, select Support Package Insert SPAMUpdate. SPAM updates are automatically confirmed after successful insertion. Load Support Package Usage Before you can insert Support Packages, you must first load the appropriate Support Packages.
NEW TECHNOLOGIES & INNOVATION
SAP, as one of the world's leading software providers with over 100,000 employees, represents a central component of their system landscape for many companies. Thanks to the many different modules, such as "Finance" and "Human Capital Management", as well as the wide range of customization options, a broad field of professions and possible areas of focus has opened up here in almost 50 years.
Will Blockchain's Economy and Administration Revolutionise? What is a blockchain? A blockchain is a complete and unchanging transaction history of all transactions of a decentralised community that everyone who is part of it agrees to. The word blockchain first fell in connection with Bitcoin as a decentralised network for payments in the digital currency of the same name. The blockchain describes an underlying technology in which all transactions are publicly and unchangeably recorded. This transaction history is updated periodically. Each participant in the decentralised community accepts it as a reality, stores it on their computer, and can thus ensure at any time that no one can duplicate expenditure, as this would lead to a conflict in the transaction history elsewhere. A peculiarity of blockchain technology is that it has solved the "Double Spending Problem". Double-spending means something that can be doubled, and by 2008, only one central institution was considered to be sustainable. Double Spending can best be understood using the example of an image on a mobile phone. When I upload it to Facebook, I made a copy of it and I can upload it to Instagram, for example. So I used my picture "double". This effect made it impossible to establish a trustworthy, decentralised digital currency by 2008.
"Shortcut for SAP Systems" makes it easier and quicker to complete a number of SAP basis tasks.
This leaves less and less time for mission-critical batches, which can lead to disruptions and terminations.
Therefore, only a few points that need to be considered are highlighted below.