Manage the underlying operating system, if applicable
Oracle DB Administration
Remove weak password hashes from the system: Only updating the profile parameter does not provide you with the necessary security. There are still many weak hash values in your database that can be used to attack your system. These must be completely removed from the database. To do this, use the report CLEANUP_PASSWORD_HASH_VALUES. To do this, call the transaction SA38 and enter the name of the report in the input field. Run or F8 executes the programme and cleans your database Report CLEANUP_PASSWORD_HASH_VALUES This programme removes the outdated hash values across all clients. Have you already experienced this attack method or any other comments on this topic? Share your experiences with us in the form of a comment under this article.
SAP Basis usually takes care of the administration of the SAP system. The most important SAP Basis transactions are listed in this article.
If you want to get more information about SAP basis, visit the website www.sap-corner.de.
SM19 Security Audit
This saves us a lot of time and ensures that no checks are overlooked when performing manually. Security Automation via HR Permissions HR permissions are a very risky topic in many companies and are often only touched with silk gloves.
A well-cared-for emergency user concept enables the audit-proof allocation of extended permissions in combination with the assurance of daily operations in your company. This article first addresses the fundamental issues that require an emergency user approach. It then briefly explains how such a concept works in general and how we implement it. An Emergency User is normally used when tasks are temporarily taken over outside the initial field of activity. I described the different scenarios of when such a user can be used and how to deal with them in this blog post for you. Why is an emergency user approach important? There are several scenarios in which the use of an emergency user with extended rights is useful: In urgent cases, it is often necessary to be able to quickly make changes to the system that are outside the user's actual field of activity. A key user who has the necessary permissions is on vacation and needs a representation. The same user suffers short-term illness and his/her representative must take over his/her duties to ensure the operation. We recommend developing a concept for the short-term allocation of the additional permissions. This will ensure the implementation of the above scenarios. How does an emergency user approach work? An emergency user concept in SAP works fundamentally via a temporary assignment of additional rights to a specific user. After the tasks have been completed, the user is deprived of the rights. The tasks performed with the extended permissions are logged and can then be evaluated by an auditor. However, there are a few things to keep in mind: A process for granting special rights should be defined. It must be specified which users can get special rights. The time period for which users can request an emergency user should be limited.
"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.
Overall, the application layer is the link between the database layer on the one hand and the presentation layer on the other.
So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.
Import the Modification Balance Transport.