Skip to content

Homepage for SAP Professionals

SAP Community website with all sorts of interesting information related to SAP

Archive

Category: SAP Security

SAP Job Market

Aug 12
Functional, MM Materials Management, SAP Data Load & Extracts, SAP GRC, SAP Security, SAP Tips and Tricks, SD Sales & Distribution, Tips and Tricks

SAP Job Market

SAP job market is currently in a state of flux just like any other IT job. Where there used to be 10 jobs there are 4 or may be 5. Post recession, the reasons are obvious – Lack of budgets, postponing new implementations, general market slump etc.

However, all is not lost yet. There are still jobs. And more are going to come up as the economy slowly takes roots again and boomtown comes along. continue reading…

VN:F [1.9.3_1094]
Rating: 0.0/5 (0 votes cast)
  • Share/Bookmark
Leave a Comment consulting, job, training Read more

Audit Information System (AIS) and trace Error logs during user logon

Jun 13
Basis Tips, SAP Security, SAP Tips and Tricks, Tips and Tricks

Ever wondered what the error codes mean when analyzing your AIS  or trace logs? Here are some hints and how users or administrators should react to the messages:

1  Incorrect logon data (client, user name, password)
User: check the logon data entered (enter data again)
Admin: check the logon data for the service users, for example in the ITS service file
(usually wrong client) or in the RFC destinations
(usually wrong password)
continue reading…

VN:F [1.9.3_1094]
Rating: 0.0/5 (0 votes cast)
  • Share/Bookmark
Leave a Comment AIS, logs, security, trace Read more

Create custom transaction for SE16 

Feb 20
Development, SAP Security, SAP Tips and Tricks, Tips and Tricks

To create custom transaction, it is suggested that you define the naming convention as simple as possible to make sure that users will remember the transaction and do not have to second guess. If a user needs a custom transaction to browse table MARA, you can either call the transaction ZSE16_MARA or simply ZMARA. continue reading…

VN:F [1.9.3_1094]
Rating: 0.0/5 (0 votes cast)
  • Share/Bookmark
Leave a Comment se16, S_TABU_DIS Read more

Fishing for Passwords

Jan 16
Biometrics, SAP Security

Everybody has Access to your DATA!!!

White-collar crime is the fastest growing type of crime in North America, and co-workers and disgruntled employees have many motivations to cause damages or increase their wealth. Especially in the current economy it is every company’s responsibility to keep honest employees honest by preventing opportunities and temptation! The first thing intruders do before taking any illegal action is to get access to another colleague’s user profile for extended access so that the other person will be blamed. Below we will point out how easy this unfortunately is…

We know about one company that lost over $60 Million in a 4 year period. A director used one of his employee’s user profiles and passwords to commit the fraud in the SAP financial system. When the fraud was discovered, this employee spent half a year in jail for a crime that she did not commit. Eventually, her boss was arrested for stealing her password and committing the fraud. continue reading…

VN:F [1.9.3_1094]
Rating: 0.0/5 (0 votes cast)
  • Share/Bookmark
Leave a Comment fraud, fraud prevention, passwords, sap Read more

Is your data moving in a Limo?

Jan 2
Functional, SAP Data Load & Extracts, SAP Security, Tips and Tricks

I am sure that your data governance is up do date and you are happy with your eCATT and LSMW scripts, or even happy that you saved some money to hire some interns or temps to enter data in your system. But why doing it the better & more cost effective way if you have money to burn? Just kidding!

continue reading…

VN:F [1.9.3_1094]
Rating: 0.0/5 (0 votes cast)
  • Share/Bookmark
Leave a Comment catt, data load, ecatt, end users, lsmw, run lsmw, SCAT, users Read more

Biometric SAP Access Control

Nov 16
Biometrics

bioLock is the first and only certified biometric technology available for SAP. bioLock will allow a company to ensure that only the actual authorized user can use the assigned SAP User Profile. Furthermore, bioLock will protect individual functions in the system (in case the authorized user leaves without logging out of the system). Unauthorized users will always be rejected even when walking up to an open computer. Most importantly, bioLock will not only uniquely identify the actual user, but will also log in a log file, which actual user – uniquely identified via biometrics – has actually executed a task or was rejected trying to execute a task without being authorized. The log file will give the business managers and auditors the ultimate knowledge and control about what is going on in their SAP System. Please check out this document to understand this simple security concept in an easy comparison and learn, how bioLock will help maintaining the integrity of your SAP data.

continue reading…

VN:F [1.9.3_1094]
Rating: 0.0/5 (0 votes cast)
  • Share/Bookmark
Leave a Comment access, biometric, fraud, fraud prevention, passwords, sap, SOX Read more

Edit SAP tables: Your SAP Security Admin’s nightmare: &sap_edit

Aug 15
SAP Security, Tips and Tricks

No matter security on table editing. When in transaction SE16N use the command &SAP_EDIT in the command field in SAP and off you go: edit table content directly. This works if you have debug with changes access for object S_DEVELOP, but S_TABU_DIS is ignored as well as the system settings regarding changes. If you use this function for transaction, master data or other tables that cannot be changed with SM30, you can cause quiet some damage.  So, use with caution and this is NOT a Best Practice by all means, but to educate you on a little documented feature:

Step 1: Use transaction SE16N or transaction N (yes, there is a transaction called just ‘N’)  and enter a table of your choice, for example SKA1 G/L Account Master (Chart of Accounts)

SE16N Edit SKA1 table

2) In the command field enter ‘&SAP_EDIT’ and press enter. The maintenance indicator in SE16N will switch on.

ska1_step2

3) Limit the search of your data or execute for all values and you will see, that the table entries can be edited:

ska1_step3

If you limit the users access not to have access to S_DEVELOP with change activities for object type DEBUG, this function will not be possible (tested on ECC5)

If you want to allow this function, you can audit who changed data via SE16N by browsing the following tables;

SE16N_CD_KEY : Change Documents – Header
SE16N_CD_DATA : Change Documents – Data

You can also run report RKSE16N_CD via SE38 (or create a custom transaction for it for ease of use).

VN:F [1.9.3_1094]
Rating: 5.0/5 (4 votes cast)
  • Share/Bookmark
Leave a Comment &SAP_EDIT, audit, direct update, edit, se16, se16n, SOX, S_TABU_DIS, tables Read more

Popular Posts (last 30 days)

Legal Notice

Copyright Notice

Original author(s) retain their own copyright(s). Original content is Copyrighted © by Home4SAP.com. Any original home4sap.com content may be freely redistributed or posted in part or in full with full attribution to the original post, through a direct link to the original post.

Pursuant to Title 17 U.S.C. 107, other copyrighted work is provided for educational purposes, research, critical comment, or debate without profit or payment. If you wish to use copyrighted material from this site for your own purposes beyond the 'fair use' exception, you must obtain permission from the copyright owner.

Legal Disclaimer

This site is not affiliated with, endorsed by, nor operated in conjunction with SAP, any of its affiliates, subsidiaries, partners or those who have a direct relationship with the company. For more information from SAP, please visit the company site at: http://www.sap.com/

Please note, all articles, submissions, or other information that does not come directly from SAP is opinion and suggestion. In practice, actual results, or particular tasks and steps may vary depending on your unique situation or circumstances.

The author reserves the right to correct, update, alter, modify, or remove any articles or other content on the site as circumstances may warrant. No warranty or guarantee of any kind, express or implied, is offered for any information contained within this site. You must carefully consider any actions you take within the context of the specific situation and circumstances of the environment you are applying them.

Homepage for SAP Professionals

  • Quote of the moment

    The secret of success in life is for a man to be ready for his opportunity when it comes.



  • Save up to 80% on custom printed products at Vistaprint. Order today!

  • Sponsored

  • Search SAP Jobs

    Quick Job Search
    Enter Keyword(s):
    Enter a City:  

    Select a State:

    Select a Category:
      - Advanced Job Search
      - Search by Company

  • Categories

  • Special Offers

  • Wolfam|Alpha –

    computational knowledge engine

  • Archive

  • Users Online

    Users: 3 Guests

  • RSS SAP Network Blog

    • Tales From the Front Lines - The Tale of Early Obsolescence September 5, 2010
      In the first of several articles relating past experiences to educational needs in the SAP supported business world, I will discuss how continuing education is necessary to avoid backsliding on personal skills inventories versus skills needed to keep ahead of technology and business. […]
    • The Importance of Social Phenomenon in Change Control Processes September 4, 2010
      The proverbial "too many chefs spoil the broth", can often manifest itself in overtly cumbersome SAP change control mechanisms. Often the more approvals that are required for a specific change, the more likely those approvers will abdicate their responsibility to others. This can result in changes being overlooked, due to a Diffusion of responsibil […]
    • Crystal Reports and PONOs, POCOs and Classes(OH MY!) September 3, 2010
      Do you want to report off of your .NET project variables such as POCO/PONO and other classes? In this BLOG I will introduce how to accomplish just that! This is for any .NET developer whether it is C++, C#, VB or Delphi. […]

  • SAP Finance News

    Europe's Easy Credit Bank
    Thu, 02 Sep 2010 15:00:00 GMT

    Some Tech Stocks Soar, While Others Flounder
    Thu, 02 Sep 2010 13:05:00 GMT
    [Indie Research] - Tech stocks have been a real mixed bag for investors lately, with some former highflyers tumbling while others continue to soar.

    Sybase and University of Texas Study Reveals 10 Percent Increase in Usability of Enterprise Data Can Translate to $2 Billion in Additional Revenue Every Year
    Wed, 01 Sep 2010 13:00:00 GMT
    [Business Wire] - DUBLIN, Calif.----Sybase, Inc., an SAP company and industry leader in enterprise and mobile software, today revealed the results of a new Report – ‘Measuring the Business Impacts of Effective Data’ – an extensive study benchmarking some of the world’s leading enterprises across a wide range of industries by measuring the direct correlation between a company’s IT investments and overall business performance.

    Copyright © 2010 Homepage for SAP Professionals Design by SRS Solutions
    top
    WordPress SEO fine-tune by Meta SEO Pack from Poradnik Webmastera
    SAP is a registered trademark of SAP AG in Germany and in several other countries. The Homepage for SAP Professionals is not affiliated to SAP AG or any of its subsidiaries.