MANTRAN is conducting a SAP security training on 24 - 25 Feb in Singapore. The training covers various topics related to SAP authorizations and BASIS security and is very useful for anyone interested in SAP security.
Visit http://www.mantranconsulting.com/sap_sc_training.html for details. Alternatively, email me at barunkumar@mantranconsulting.com for details/ registration forms.
Some of the topics covered in the training are as follows:
1. SAP architecture: A typical SAP system is based on three-tier architecture. SAP provides flexibility in designing system landscape, which can be very complex for large organizations. SAP is compatible with all major hardware, OS, and database.
2. Authorizations: SAP authorization concept allows users to perform their work while securing transactions and programs from unauthorized access. It is a complex and scalable concept where approximately 2,000 authorization objects controls access to more than 100,000 transactions. The authorization components include user master records, roles (single and composite), profiles, authorizations, authorization objects and field values (activity, organization value, etc) and can be customized to organization’s requirement.
3. Segregation of Duties (SoD): SoD ensures that no one individual has complete control over major phase of a process and is enforced through a combination of authorizations and mitigating controls.
4. Profile parameters: Profile parameters control various security functionalities such as password controls, session security, auditing, etc.
5. Super users: SAP is shipped with many default super users, which serve specific purpose. It is important to secure these users. In addition to changing default passwords, additional measures are required for some super users like SAP*.
6. Auditing: Auditing is an important tool and SAP provides multiple auditing options. Some of the auditing features are change documents, document flow, security audit logs, table logs, transaction usage logs, etc.
7. Change management: Client setting and transport path are important to control unauthorized changes in SAP. Client setting can help ensures that changes cannot be made directly in SAP production system.
Visit http://www.mantranconsulting.com/sap_sc_training.html for details. Alternatively, email me at barunkumar@mantranconsulting.com for details/ registration forms.
Some of the topics covered in the training are as follows:
1. SAP architecture: A typical SAP system is based on three-tier architecture. SAP provides flexibility in designing system landscape, which can be very complex for large organizations. SAP is compatible with all major hardware, OS, and database.
2. Authorizations: SAP authorization concept allows users to perform their work while securing transactions and programs from unauthorized access. It is a complex and scalable concept where approximately 2,000 authorization objects controls access to more than 100,000 transactions. The authorization components include user master records, roles (single and composite), profiles, authorizations, authorization objects and field values (activity, organization value, etc) and can be customized to organization’s requirement.
3. Segregation of Duties (SoD): SoD ensures that no one individual has complete control over major phase of a process and is enforced through a combination of authorizations and mitigating controls.
4. Profile parameters: Profile parameters control various security functionalities such as password controls, session security, auditing, etc.
5. Super users: SAP is shipped with many default super users, which serve specific purpose. It is important to secure these users. In addition to changing default passwords, additional measures are required for some super users like SAP*.
6. Auditing: Auditing is an important tool and SAP provides multiple auditing options. Some of the auditing features are change documents, document flow, security audit logs, table logs, transaction usage logs, etc.
7. Change management: Client setting and transport path are important to control unauthorized changes in SAP. Client setting can help ensures that changes cannot be made directly in SAP production system.
0 comments:
Post a Comment