Good communication skills (foreign language skills)
What are the different areas when working with SAP systems?
In every company with several SAP systems, there is a person responsible for the complete SAP Basis topics, usually there is even a separate department for this. This person ensures the trouble-free operation of the SAP systems. The person responsible also accompanies maintenance work or upgrades and intervenes in special situations, such as poor performance. Even for companies that hand over the operation of the SAP Basis to an external service provider, there are often still tasks from the environment of user and authorization management at this point.
As we explained in SAP Basis, your SAP Basis administrator (or team) is directly responsible for keeping your SAP landscape healthy, online, and up-to-date. This includes:
CODE_SCANNER ABAP Search
Basis administrators often have basic ABAP knowledge, for example, and ABAP developers know the basics of SAP Basis. Nevertheless, the two fields of activity are usually organizationally separated in the company.
For example, many customer ABAP programs work by uploading or downloading data. There are potentially large security gaps here that allow access to server data. In addition, the widespread direct invocation of operating system commands that are not covered by a self-programmed authorization check is a major problem. Even though classic SQL injection, i.e., the entry of extended SQL commands, is a potential security vulnerability, it occurs rather rarely in SAP systems. More widespread is the unintentional dynamization of SQL calls because input parameters are not sufficiently checked. The need to check all in-house developments internally for such security vulnerabilities before they are delivered in SAP's own code has led to the development of the SAP Code Vulnerability Analyzer tool.
"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.
Be able to start, stop, reconfigure, backup, and troubleshoot an SAP HANA 2.0 database SPS04.
Another important point is that once a user has the necessary permissions to use the transaction DBACOCKPIT, it can potentially (with appropriate permissions on the tables) access the entire SAP system.