Further information
Implementation of security updates, patches and enhancement packages
Basis comprises a number of middleware programs and tools from SAP. Basis is responsible for the smooth operation of the SAP Basis system and thus for R/3 and SAP ERP, for example. SAP thus provides the underlying basis (hence the name) that enables various SAP applications to be interoperable and portable across operating systems and databases.
If you need to reinstall a Support Package because of errors or because a SPAM update is required, reset its status. Resetting does not mean that the system is at an old state. Note that your system is inconsistent when you reset the status after items have already been imported (for example, after the DDIC_IMPORT step and following). Resetting the status should only be used to troubleshoot the issue and you should repeat the playback as soon as possible. Procedure To reset the status of a Support Package or Queue, select Add Status Reset. Result After updating the status, the corresponding entries in the cofile and in the log file are deleted. The support package must then be fully reloaded. The transaction SPAM starts the insertion with the step CHECK_REQUIREMENTS [page 26].
Finally run SQL queries directly in the SAP system
It is of great importance to keep the knowledge of SAP Basis experts in the company transparent. One possibility is of course to "look over the shoulder" or to ask the expert directly. However, this is very time-consuming and puts a strain on the expert himself.
This access method depends solely on the rights assigned to the user. System users: Users of this user group are comparable to SAP*. They act as administrator in the system. Therefore, they should be deactivated / set to inactive as soon as possible, as soon as the system operation is ensured. You should still be aware of the SAP ERP environment to address this security risk. In a HANA system, there are privileges instead of permissions. The difference is first of all in terms of terminology. Nevertheless, the permissions are assigned differently (directly / indirectly) via the assignment of roles. These are thus accumulations of privileges. As in older SAP systems, system users must be disabled and certain roles that already exist must be restricted. Compared to an SAP ERP system, small apps are allowed instead of large applications. In this case, attention should be paid to an individual authorisation. It should be a matter of course for users to have implemented secure password rules. Settings Securing the system also means securing the underlying infrastructure. Everything from the network to the host's operating system must be secured. When looking at the system landscape, it is striking that the new technology brings many connections that need to be secured. The SAP Gateway, which is responsible for the connection between backend and frontend, is also a security risk and must be considered. All security settings of existing and future components must be validated to HANA compatibility. Secure communication of connections is obtained when you restrict access where possible. Encryption of the data of a HANA system is disabled by default. Be sure to encrypt sensitive data anyway. Especially data that is archived. If an attack is made on your system, you should be able to run forensic analysis, so you should enable the audit log. Moreover, few users should have access to it.
"Shortcut for SAP Systems" makes it easier and quicker to complete a number of SAP basis tasks.
Map this permission profile to the system administrator only.
SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page: www.sap-corner.de.
All topics are relevant, which may also be of interest to a customer.