Security Cleanup and how to approach.

sreekanth_sunkara
Active Participant
0 Kudos

Hi all,

I have been working in SAP Security for some time. Now I need some guidance from you all. My company wants to review all the SAP systems and clean up the systems if necessary. What is the best approach that I need to take in order to review the systems? Are there any documents on what sections we need to focus on while reviewing the systems (for example security parameters, critical objects, ...)?

Thanks in advance,

SS

Edited by: sun on Sep 9, 2010 3:59 PM

1 ACCEPTED SOLUTION

Former Member
0 Kudos

Hi,

The term "cleanup" means different things to different people.

Let's start out by finding out "exactly what do you want to achieve". If you can give us some detail on what your objective is, then we can focus on them. Cleanup could be anything from deleting obsolete roles to deploying a consistent set of support roles, all the way to remediating SoDs in your landscape, so it will help to understand your scope.

6 REPLIES

0 Kudos

Hi Alex,

In my case, cleanup is to review the SAP system and make recommendations. For example, we have a lot of test user IDs sitting in CUA without any roles and profiles, and they were created for various projects, so we want to remove them and also see if the security parameters are OK and see who has critical authorizations (access to tables, permissions to create users and so on).

What I wanted to know is if there is a document like a checklist where I can see if every security setting in the system is OK, and recommendations for best practice.

Thanks,

SS

0 Kudos

The 315 other posts here on SDN (and that is just with this user ID) should be able to give you a rough estimate of the clean-up scope..

Cheers,

Julius

0 Kudos

If you have a look at the SAPPress books (e.g. the Linkies/Off book) you will see they are broken down into subject areas and cover areas such as user maint, param settings. They give their version of good practice which you can then follow. Even the index would give you a good idea of areas that you need to look at.

@Julius 😜

0 Kudos

Alex,

Thank you very much for giving me some tips. I know that there won't be any direct answer for this.

Thanks a lot.

SS

Former Member
0 Kudos

Sun,

I agree with Alex. If what you're discussing is a complete redesign of the security throughout all systems, you may potentially be referring to a project involving multiple resources and a budget. You also will want to consider governance. Again, as Alex suggested, it would help to give more background.