Schedule user matching as a background job
In addition to the optimisation potential of Security Automation, which I explained in more detail in my last post, the E-Learning division also offers numerous possibilities for automation. Since many companies are not yet making the most of these potentials due to a lack of knowledge about this particular form of knowledge transfer, I would like to address this in the following post. E-learning is also a form of automation that, if used correctly, brings many positive aspects. In the end, e-learning is a way to store know-how in a form that can be retrieved again and again. This means, of course, a certain initial effort for the creator, which nevertheless pays off more than if the quality is sufficient. What are the opportunities for a company to take advantage of e-learning? A company has several ways in which it can exploit and use the area of e-learning for itself. The fundamental question that should arise immediately after the decision to do so is whether the company creates the content itself or whether it relies on the content from external sources. Both have advantages and disadvantages, which I would like to explain in the following.
In the age of digitisation, the wheel need not be reinvented. Certain functions are consumed or used by platforms only, without fully retaining the necessary infrastructure. In order to participate in this compared to competitors, it is necessary to introduce these technologies, to use them and to learn about their possibilities. Examples include the use of cloud services or applications in the IoT and big data environment.
If table logging is active in your system, you can specify which tables are to be logged in transaction SE13. For an active logging it is necessary to set the flag "Log data changes".
Either temporary programme calls are blocked that are actually desired or enormously large gateway logs must be analysed. If, due to the heavy workload, one were to decide to forgo the use of the access control lists permanently, this would be a major security vulnerability. The unprotected system does not have any limitations on the external services that may register, and there are no rules for running programmes. One possible consequence would be, for example, the registration of an external system on which malicious programmes exist. At the moment when foreign programmes are running on your system without any control, you can expect that great damage will be done. For example, it ranges from an unnoticed reading of purchase and sales figures, a diversion of funds, to a paralysis or manipulation of the entire system. In addition, this scenario is also possible for poorly maintained access control lists. Our solution: secinfo and reginfo Generator for SAP RFC Gateway To solve the problem, we have developed a generator that can automatically create secinfo and reginfo files based on gateway logs. The basic idea is based on the logging-based approach. It performs the task of time-consuming analysis of log files and also ensures maximum reliability through automation. Nevertheless, the entries of the generated files should be checked by one person. Since the log files used as input are sensitive data, of course none of the inserted data leave your system. More information about the generator can be found here.
The "Shortcut for SAP Systems" tool is ideal for doing many tasks in the SAP basis more easily and quickly.
Installation, maintenance and servicing of other software that is not an SAP system, but also provides important functions such as SAP Router, SAP Cloud Connector, TREX, SAP ETD and much more.
It is one of the first products in this segment of SAP security and was used by SAP itself for many years.