Virtual Forge CodeProfiler for ABAP
Root cause analysis
SAP HANA has been one of the major topics in the SAP environment for the last few years. Many customers are currently faced with the question of whether or not to migrate your SAP system. In addition to the actual changeover itself, there are many other topics on which you should have already informed yourself in advance, as these influence the success of SAP HANA in your company. What do you already know about SAP HANA? I would like to encourage you to think about security in the following article. If you would like to learn about the architecture of HANA, I recommend a contribution from our colleagues at erlebe Software. SAP HANA Scenario But why are we even talking about HANA Security? Why is it so important to consider new security strategies with the new technology? With HANA it is possible to analyse data quickly. BW scenarios primarily benefit from the in-memory database (IMDB) used, as speed advantages in data access are particularly positive. Compared to a classic ERP / R3 scenario, the normal DB is replaced by HANA. The desired speed advantages result. However, migration is expected to be required for the changeover. This is caused by customer-specific developments in the system. HANA is not a further development of SAP ERP, HANA is the next stage of an ERP system. It is well known that an ERP system contains the capital of the companies. Therefore a new HANA system like all other ERP systems is also interesting for attackers. On the one hand, such a system contains the critical business data that are available for espionage. In addition, most business processes are mapped in such a system and offer an attack surface for sabotage. In addition, users do not initially know the new technology well. This also applies to administrators in the area of a new technology. Attackers quickly gain a dangerous leap of knowledge over these user groups. SAP HANA has a lot of new features, although many existing ones are used by SAP ERP, so there is a risk here.
Technical developments are progressing at high speed. Thus, the term "blockchain" is not unique to digital currencies. Instead, there is talk of a technology that will disrupt existing products, services, and even business models. In order to better assess the potential and impact of blockchain technology, various companies from different technologies and, in particular, financial sectors have joined forces in consortia in recent years: The R3 Consortium, which is primarily a consortium of about 80 financial sector companies (UBS, Credit Suisse, Deutsche Bank, Commerzbank, ...). The IoT Consortium, which includes Bosch Ltd, Cisco Systems Inc, is investigating how blockchain technology can be used to secure and improve IoT networks. More than 120 financial, banking, IoT and industrial companies have joined the Hyperledger (Enterprise Ethereum Alliance) consortium. Enterprise Ethereum Alliance with about 500 startups, companies and academic institutions from a wide range of fields. Read more in my next blog post ....
Concept
Without this provisioning component, adjustments to employee permissions in the respective IT resources would have to be implemented by the relevant system administrators. However, manual provisioning processes are by their very nature a source of errors. If an employee's tasks change, the system administrator should consider all active user accounts when modifying and deleting accounts. A modern IDM system therefore helps companies to keep track of users and their permissions, especially in complex and heterogeneous system landscapes.
With the function module SWNC_COLLECTOR_GET_AGGREGATES one can determine the most important SAP Basis transactions. After all, each SAP Basis expert sees different transactions as important.
"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.
Once this right is granted, the tab will also appear on the CMC home page.
This need can also be inferred from legal requirements.