Knowledge or experience in SAP NetWeaver technologies (e.g. AS-Java, AS-ABAP, S/4HANA SAP PI, SAP BI, SAP Gateway or SAP folder management)
Very good IT knowledge - especially of SAP solutions
Why should we even have an individual SAP Security Check performed? Your SAP authorisation concept is designed to ensure the security and protection of data against unauthorised access and abuse. The technical complexity of SAP systems and the ongoing adaptations of business processes often lead to unknown security vulnerabilities. In addition, the increasing digital networking with business partners offers further attack points on your SAP system. SAP Security Check gives you an overview of the security situation of your SAP systems. This will identify potential risks that could jeopardise the safe operation of your IT landscape. Your starting situation The ongoing changes in your IT systems lead to unrecognised security vulnerabilities and your auditors will regularly report to you in the final report on abuses in the authorisation concept. The legal requirements (e.g. EU guidelines) to secure your business processes and IT systems have not yet been implemented and the increasing networking with business partners presents new challenges to your security system. The security-related system settings and permissions settings applied to your SAPS systems are poorly documented, which in many cases causes the system settings to allow extensive critical access unchecked. Critical SAP permissions, profiles, and roles identify permissions that allow critical operations to be performed in terms of security or from a legal or business perspective are called "critical permissions" by SAP. The granting of critical allowances must therefore generally be carried out with particular care and should therefore be planned in advance. Technical and organisational measures and processes must then ensure that the desired level of safety is implemented.
By correctly assessing your own applications for suitability for operation with an external service provider or in the cloud, the enterprise risk of the chosen service form is minimised. Also, possible weak points or aspects that require special attention are known and can be dealt with proactively. A negative consequence during the operational operation can be largely excluded.
SAP System Analysis
In practice, it is quite possible that the target specifications defined in the security concept do not match the current actual status. Therefore, especially with regard to SAP security, it must always be checked whether the necessary SAP basic settings also correspond to the minimum level. Although a manual check is possible, it is very time-consuming because the necessary regularizations have to be read, interpreted and technically implemented. The Security Architect - part of the Xiting Authorizations Management Suite (XAMS) software solution developed by Xiting - offers you the possibility to precisely examine the current status of the SAP Basis settings with the help of the integrated check mode, whereby it is also possible to check several systems via RFC, starting from a central system. The scope of the check of system settings and system security includes not only the SAP Basis settings presented here, but also other SAP Basis settings. The scope of the check mode can be extended by self-defined check IDs.
SAP Basis Administrators ensure smooth operation of your SAP landscape. Our administrators take care of the databases, operating systems and your applications.
"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.
A small part of a block to be integrated follows from the block that was previously mined.
In addition to internal security requirements, national and international guidelines sometimes require all audit and security-related user actions to be recorded.