I was wondering if there is a body of information or best practices when it comes to managing security/authorization/profile/user management in large installations? We currently have a large customer site (30,000+ users) which is seeking expertise to help them design and manage the overall security around their SAP landscape. It comprises multiple SAP systems e.g. SAP R/3, BW, SRM, WP, etc.
Requires Free Membership to View
When you register, you will start receiving targeted emails from my award-winning team of editorial writers. Our goal is to keep you informed on the hottest topics and biggest challenges faced by SAP professionals today.
Hannah Smalltree, Editorial Director
Frankly, I am in a similar scenario. I don't know of any specific
document that speaks to managing the security across the spectrum, but I
can share with you some of my key principles:
First, it is important to understand where the business is going, what they
want to get out of SAP, and the level of importance they put around data
within SAP.
Second, Based upon the above, you need to develop a well-thought strategy
and vision that you can share with business leaders. This document will
serve to put clear objectives for your security efforts.
Third, assemble solid standards around every facet of the security model.
From User Naming convention, User Group Convention, Role Naming Convention,
ABAP Query Security approach, CATT Security approach, Table and program
auth groups, Info-Cube and InfoObject security strategy, Data
classifications, and Role Menu structure. Always, Always follow them. If
you don't, you will regret it later, and end up doing double work.
Fourth, develop and implement a common user request process for all SAP
systems. Identify business owners and document approvals.
Five, Consistently report to management your success in these factors, be
honest, and stand your ground when you need to.
This was first published in September 2002