Why do you need SAP Basis admins in your company?
STRUST Trust Manager
In the case of distributed or local SAP systems, it can also be helpful if departments or decentralized IT units can schedule their own jobs themselves. It is important that the associated approval processes can also be mapped and easily tracked. This brings convenience, flexibility and a degree of freedom without neglecting operational security. The integration of the business departments can relieve the IT administrator and turn background processing into an end-to-end process integrated into the organization.
A secure SAP system does not only include a good role concept. It is also necessary to check whether a user should (still) have a specific role. Regular verification of role assignment is called recertification. In this blog post, I'd like to introduce you to the need for recertifications and our own tool, EasyReCert. The need for recertification - scenarios: Example 1: The "apprentice problem" Imagine the following scenario: A new employee (e.g. apprenticeship or trainee) will go through various departments as part of his or her training and will work on various projects. Of course, an SAP User will be made available to your employee right at the beginning, which is equipped with appropriate roles. As each project and department passes, the employee repeatedly needs new permissions to meet the requirements. After the employee has successfully completed his or her induction and is now in a permanent position, he or she still has permissions that are not necessary to perform his or her duties. This violates the principle of "last privilede" and represents a potential security risk for your company. Example 2: The change of department The change of department is one scenario that probably occurs in every company. If a change of department does not automatically involve a complete reallocation of roles and the employee simply takes his old permissions with him, critical combinations of permissions can occur very quickly. For example, an employee who has permissions in accounts payable and accounts receivable violates the SoD ("Segregation of Duties") principle and poses a potential security risk to your company. Recertification as part of a revision: The two examples above show that a regular review of role allocation identifies potential security risks for your business and can be addressed.
Presentation layer (graphical user interface)
Presentation layer: The presentation layer is the interface to the users. With the help of SAP GUI, the data is graphically prepared here and made available to the user on the screen. Furthermore, the data newly collected here is passed on to the application programs of the application layer.
The higher the degree of standardisation of operational and maintenance tasks, the more effective the technical operation and maintenance can be. At the same time, this simplifies outsourcing and, if necessary, the use of a cloud solution. CHOOSING AN APPROPRIATE SERVICE FORM Regardless of the chosen service form, as well as outsourcing and outtasking, the overall responsibility for the availability and performance of the IT-supported applications remains with the company. This still means internal coordination of maintenance windows or release booths, which remains in place. Similarly, the services provided by the external partner must be regularly monitored and their quality checked. Therefore, the chosen IT strategy must be chosen from this point of view with the lowest risk. If the technical operation is not sufficiently assessed in the decision, there is a significant business risk.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
AUTO_MOD_SPAU This step checks whether modifications can be adjusted automatically.
In addition to the database, the SAP system itself is installed.