Q

Best security practices for large SAP installations

I was wondering if there is a body of information or best practices when it comes to managing security/authorization/profile/user management in large installations? We currently have a large customer site (30,000+ users) which is seeking expertise to help them design and manage the overall security around their SAP landscape. It comprises multiple SAP systems e.g. SAP R/3, BW, SRM, WP, etc.

I was wondering if there is a body of information or best practices when it comes to managing security/authorization/profile/user

management in large installations? We currently have a large customer site (30,000+ users) which is seeking expertise to help them design and manage the overall security around their SAP landscape. It comprises multiple SAP systems e.g. SAP R/3, BW, SRM, WP, etc.


Frankly, I am in a similar scenario. I don't know of any specific document that speaks to managing the security across the spectrum, but I can share with you some of my key principles:

First, it is important to understand where the business is going, what they want to get out of SAP, and the level of importance they put around data within SAP.
Second, Based upon the above, you need to develop a well-thought strategy and vision that you can share with business leaders. This document will serve to put clear objectives for your security efforts.
Third, assemble solid standards around every facet of the security model. From User Naming convention, User Group Convention, Role Naming Convention, ABAP Query Security approach, CATT Security approach, Table and program auth groups, Info-Cube and InfoObject security strategy, Data classifications, and Role Menu structure. Always, Always follow them. If you don't, you will regret it later, and end up doing double work.
Fourth, develop and implement a common user request process for all SAP systems. Identify business owners and document approvals.
Five, Consistently report to management your success in these factors, be honest, and stand your ground when you need to.


This was first published in September 2002

Dig deeper on SAP security administration

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchManufacturingERP

SearchOracle

SearchDataManagement

SearchAWS

SearchBusinessAnalytics

SearchCRM

SearchContentManagement

SearchFinancialApplications

Close