sap security online training canada,dubai - PowerPoint PPT Presentation

About This Presentation
Title:

sap security online training canada,dubai

Description:

www.magnifictraining.com - " SAP SECURITY ONLINE TRAINING " contact us:info@magnifictraining.com or+1-6786933994,+1-6786933475, +919052666559 By Real Time Experts from Hyderabad, Bangalore,India,USA,Canada,UK, Australia,South Africa. – PowerPoint PPT presentation

Number of Views:69
Slides: 19
Provided by: sapsecurity
Category:

less

Transcript and Presenter's Notes

Title: sap security online training canada,dubai


1
SAP Security Online Training
Online classroom Corporate Training
certifications placements support CONTACT
US MAGNIFIC TRAINING INDIA 91-9052666559 USA
1-678-693-3475 info_at_magnifictraining.com www.
magnifictraining.com
2
SAP Security Online Training
  • Introduction
  • What is Security
  • Building blocks
  • Common terminologies used Most Common
  • tools in Security
  • CUA

www. magnifictraining.com
3
SAP Security Online Training
  • What is Security?
  • Security concept is same around the globe like in
    your normal life, security
  • means removing or restricting unauthorized access
    to your belongings. For
  • example your Car, laptop or cared cards etc
  • IT Security?
  • Information security (sometimes shortened to
    InfoSec) is the practice
  • defending information from unauthorized access,
    use, disclosure, disruption,
  • modification, perusal, inspection, recording or
    destruction. It is a general term
  • that can be used regardless of the form the data
    may take (electronic, physical,
  • etc...)
  • SAP Security?
  • In the same context of InfoSec. SAP security have
    the same meaning or in other words - who can do
    what in SAP?

www. magnifictraining.com
4
SAP Security Online Training
  • Building Blocks
  • User Master
  • Record Roles
  • Profiles Authorization
  • Objects

www. magnifictraining.com
5
SAP Security Online Training
  • User Master Record?
  • A User initially has no access in SAP
  • When we create access in system it defines UMR
    User Master Record information includes
  • Name, Password, Address, User type, Company
    information
  • User Group
  • Roles and Profiles
  • Validity dates (from/to)
  • User defaults (logon language, default printer,
    date format, etc)
  • User Types Dialog typical for most users
    System cannot be used for dialog login, can
    communicate between systems and start background
    jobs Communications Data cannot be used for
    dialog login, can communicate between systems but
    cannot start background jobs Reference cannot
    log in, used to assign additional Authorizations

www. magnifictraining.com
6
SAP Security Online Training
  • Roles and Profiles Roles is group of tcode (s),
    which is used to perform a specific business
    task.
  • Each role requires specific privileges to perform
    a function in SAP that is called AUTHORIZATIONS
    There are 3 types of Roles
  • Single an independent Role
  • Derived has a parent and differs only in
    Organization Levels. Maintain Transactions, Menu,
    Authorizations only at the parent level
  • Composite container that contains one or more
    Single or Derived Roles

www. magnifictraining.com
7
SAP Security Online Training
  • Authorization Objects
  • Authorization Objects are the keys to SAP
    security
  • When you attempt actions in SAP the system
    checks to see whether you have the appropriate
    Authorizations
  • The same Authorization Objects can be used by
    different Transactions

www. magnifictraining.com
8
SAP Security Online Training
  • User Buffer?
  • When a User logs into the system, all of the
    Authorizations that the User has are loaded into
    a special place in memory called the User Buffer
  • As the User attempts to perform activities, the
    system checks whether the user has the
    appropriate Authorization Objects in the User
    Buffer.
  • You can see the buffer in Transaction .

www. magnifictraining.com
9
SAP Security Online Training
  • Executing a Transaction (Authorization Checks)
  • Does the Transaction exist? All Transactions have
    an entry in table TSTC
  • Is the Transaction locked? Transactions are
    locked using Transaction SM01 Once locked, they
    cannot be used in any client
  • Can the User start the Transaction? Every
    Transaction requires that the user have the
    Object S_TCODETransaction Name Some Transactions
    also require another Authorization Object to
    start (varies depending on the Transaction)
  • What can the User do in the Transaction? The
    system will check to see if the user has
    additional Authorization Objects as necessary

www. magnifictraining.com
10
SAP Security Online Training
  • How to trace missing Authorization Frequently you
    find that the role you built has inadequate
    accesses and will fail during testing or during
    production usage. Why?
  • Why It happens?
  • Negligence of tester or some other reason How
    process initiated?
  • This process kicks when security guy receives
  • Email or
  • phone call or
  • ticket

www. magnifictraining.com
11
SAP Security Online Training
  • How do we determine correct accesses required?
  • SAP has various tools to analyse access errors
    and determine correct Authorizations required
    ?Use Last Failed Authorization check - SU53 (60
    effective)
  • Use Assignment of Auth Object to Transactions -
    SU24 (60 effective)
  • Trace the Authorizations for a function - ST01
    (90 effective)

www. magnifictraining.com
12
SAP Security Online Training
  • Common Terminologies
  • User master Records Roles Authorizations
    Authority
  • Check user buffer Authorization Errors security
    matrix
  • Profiles Authorization Objects User menus

www. magnifictraining.com
13
SAP Security Online Training
  • SAP Password controls There are some Standard SAP
    password Controls delivered by SAP which cannot
    be changed
  • First-time users forced to change their passwords
    before they can log onto the SAP system, or after
    their password is reset.
  • Users can only change their password when logging
    on.
  • Users can change their password at most, once a
    day
  • Users can not re-use their previous five
    passwords.
  • The first character can not be ? or !.
  • The first three characters of the password cannot
  • appear in the same order as part of the user
    name.
  • all be the same.
  • include space characters.
  • The password cannot be PASS or SAP.

www. magnifictraining.com
14
SAP Security Online Training
  • Password Controls - cont.
  • SAP Password System Parameters - system wide
    settings that can be configured by MPL - Minimum
    Password Length Password locked after
    unsuccessful login attempts Password Expiration
    time Password complexity
  • Illegal Passwords MPL can define passwords that
    cannot be used
  • Enter impermissible passwords into SAP table
    USR40 MPL Master parts List

www. magnifictraining.com
15
SAP Security Online Training
  • Tools
  • ? SU01 User Maintenance
  • ? PFCG Role Maintenance
  • ? SUIM Authorization Reporting Tree
  • ? SU02 Maintain Profiles
  • ? SU03 Maintain Authorisations
  • ?SU10 User Maintenance Mass Changes
  • ? SU21 Maintain Authorization Objects
  • ? SU24 Auth Object check under transactions
  • ? SU3 Maintain default settings
  • ? SU53 Display Authority Check Values

www. magnifictraining.com
16
SAP Security Online Training
  • CUA Central User Administration is a feature in
    SAP that helps to streamline multiple users
    account management on different clients in a
    multi SAP systems environment. This feature is
    laudable when similar user accounts are created
    and managed on multiple clients
  • ? Centralized Admin
  • ? Data consistency accuracy
  • ? Eliminate redundant efforts

www. magnifictraining.com
17
SAP Security Online Training
  • We offer you
  • 1. Interactive Learning at Learners
    convenience2. Industry Savvy Trainers3. Learn
    Right from Your Place4. Customized Curriculum5.
    24/7 system access6. Highly Affordable
    Courses7. Support after Training a. Resume
    Preparation b. Certification Guidance c.
    Interview assistance

www. magnifictraining.com
18
SAP Security Online Training
Write a Comment
User Comments (0)
About PowerShow.com