introduction to sap security
DESCRIPTION
SAP security is one of the most important technical module where the SAP security administrators are responsible for the development and administration of user rights on SAP systems.TRANSCRIPT
What is SAP (System Applications Products)?
The following articles guides you everything about SAP ERP Systems. The first question which arises in our mind “what is SAP” ? and what is SAP ERP software?, which is the best SAP module and which module has a best scope for bright future ??
What does SAP stands for – SAP stands for Systems, Applications and Products in data processing.
SAP is the fourth largest software company in the world. The SAP R/3 system is a business software package designed to integrate all
areas of a business. It provides end to end solutions for financials, manufacturing, logistics,
distribution etc. All business processes are executed in one SAP system and sharing common
information with everyone.
SAP is an Enterprise Resource Planning (ERP) system by SAP AG, company based out of Walldorf in Germany. AG is derived from the German word AKtiengesellschaft. According to German Language, SAP Stands for Systeme, Anwendungen und Produkte in Der Datenverarbeitung. SAP software suite that is being implemented as part of re-engineering and Provides end to end solutions for financial, logistics, distribution, inventories. Present scenario large numbers of companies are using sap software for their day to day business activities.
After the hugely successful R/3, SAP created more and more niche software like Customer Relationship Management (CRM), SRM, XI (now called Process Integration or PI) and once again living up to the standards of SAP by maintaining tight integration with their core ECC software. The newest version of the suite is SAP ECC 6.0.
SAP History
SAP Founded in and around 1972 by five IBM engineers Hopp, Wellenreuther, Hector, Tschira and Plattner.
SAP R/1 :– The first version of SAP software was launched in and around 1972 known as the “R/1 system. R” stands for real-time data processing. it is one tier architecture in which three layers Presentation, Application and Database are installed in one system/server
(One – Presentation + Application + Database)
SAP R/2 :– In 1979 second version of SAP R/2 was released. with IBM‟s database and a dialogue-oriented business application. SAP R/2 to handle different languages and
currencies. R/2 is 2 tier architecture in which three layers Presentation, Application and Database are installed in two separate server.
(Server one – Presentation, Server two – Application + Database
SAP R/3 :– SAP upgraded R/2 to R/3. SAP R/3 is the client/server version of the software and it is 3 tier architecture in which three layers Presentation, Application and data base are installed in three server systems.
Server one – Presentation, Server Two – Application, server Three – Database
Products of SAP
SAP R/3 and R/3 Enterprise
mySAP Business Suite SAP ERP
SAP Industry Solutions
SAP xApps SAP Solution Manager
Industry Solutions of SAP
SAP R/3 – Modules & Integration
SAP Functional Modules
FICO – Finance & Control PP – Production Planning MM – Material Management SD – Sales & Distribution
HR – Human Resources
SAP Technical Modules
ABAP – Advanced business applications programming
XI – Exchange Infrastructure
Net viewer Basis
BIW – Business Information Warehousing
What is SAP FICO ?
SAP FICO Stands for FI (Financial Accounting) and CO (Controlling). SAP FICO is the imp module of ERP and both Finance and Controlling modules stores the financial transactions data. The „FI (Financial Accounting)‟ records, collects, and processes financial transactions or information on a real-time basis to
provide the necessary inputs for external (statutory) reporting purpose. SAP CO plays an important role for the management decision making purpose and for the internal reporting purpose.
FICO contains the following sub-modules.
FI CO
General Ledger accounting
Cost Element Accounting
Accounts Receivables Cost Center Accounting
Accounts Payable Profit Center Accounting
Asset Accounting Internal Orders
Bank Accounting Product Cost Controlling
Consolidation Profitability Analysis
Special Purpose Ledger
Travel Management
What is SAP MM ?
SAP MM ( Material Management ) is one of the imp module in SAP ERP software and it supports the procurement and inventory functions occurring in day-to-day business operations. This MM module contains many aspects such as purchasing, goods receiving, material storage, consumption-based planning, and inventory. SAP MM module is fully integrated with other modules in the SAP R/3 System such as FICO, SD, QM, PM, PP, and WM.
SAP PP
The Production Planning application module is used to plan and control the manufacturing activities of a company. consists of all system configuration, master data, , and complete solution to Produce process.
SAP SD ?
SAP SD (Sales and Distribution) is important module of SAP and it is a part of logistics. The main activities of SD are sales order handling, distribution of shipments to customers, billing process, customer invoice, delivery.SD module is fully integrated with other modules in the SAP R/3 System such as Finance, Purchasing (MM), Production Planning (PP).
What is SAP HR?
SAP Human Resources manages complete employee life cycle and payroll. All aspects are covered from training to appraisal.
Advantages of SAP:-
SAP software manages these business management tasks in modules that all work together in one system by sharing information.
Promoting consistent practice across an entire division
No duplicate data
Automate Project Monitoring and Multi-dimensional and flexible reporting Standardization of business processes
Make Planning, Scheduling, Tracking and Management easier leaving more time for you to perform value-added work
Ability to provide clear cut job roles with authorizations
Enabling integration with e-commerce Cost Savings on overheads such as Stationery, File Storage, etc
Why – SAP R/3 software has been successful
Multi-Lingual Secure Information Multi-Currency
Best business Practice
Enterprise-Wide Real time processing with an integrated suite of client/server applications
SAP R/3 Architecture
SAP Systems contains three layers such as Presentation Layer, Application Layer and Database
Layer.
Presentation: – It is a layer where the user work with SAP GUI. It interacts with
database layer via Application layer.
Application: – It interacts between presentation and database layer
Database: – It is a central database that stores all the data of ERP SAP Systems.
SAP Business Suites
SAP offering various applications along with the ERP SAP to meet the customer requirement.
The important applications of SAP are as follows.
SAP Supply Chain Management (SAP SCM)
SAP Customer Relationship Management (SAP CRM)
SAP Product Life Cycle Management (SAP PLM)
SAP Supplier Relationship Management (SAP SRM)
SAP Advanced Planning and Optimization (SAP APO)
Phases of SAP Implementation project
Phase 1 – Project Preparation, Phase 2 – Business Blueprint, Phase 3 – Realization, Phase 4 – Final Preparation, Phase 5 – Go-Live and support
SAP Logon
The following training tutorials guides you everything about SAP logon process and how to start
the SAP systems step by step.
You can access the SAP Logon screen by two methods.
1. Double clicking the SAP Logon icon from the desktop. It is GUI (Graphic User Interphase)
which helps you login to SAP.
2. By selecting start menu and click on all programs. Follow the following steps to start SAP
from the start menu.
Start >>> All programs >>> SAP Front End >>> SAP Logon.
After selecting SAP Log on, the following Log on screen appears. Click on Log On option on the
SAP Logon 720 to logon to SAP system.
The following screen appears to update the logon details.
1. Client: – Update the client number (e.g 800, 200 etc)
2. User: – Enter the user id provided by administrator.
3. Password: – Enter the password provided by administrator, however you can change the
password for security purpose. (Note when you are entering password asterisk appears
rather than characters)
4. Language : – To enter language key is optional. Enter the language key that you want to
display menus and fields in specific language.
After updating client as 800, user id as adark, and password, press enter button so it will take you
SAP Easy Access screen as shown below.
With this SAP easy access screen you can work all activities such as implementation,
development, end user activities.
What is SAP Security?
SAP Security is one of the most important components of SAP, and although SAP Security is
considered to be a specialist’s job, it is important that the IT department of an organization
knows about its basic implementation and not have to depend on an expert for all the essentials.
Organizations can take the maintenance of SAP Security in-house and it would help to follow
our simple 10 step guideline for the implementation of SAP Security.
1. Align your SAP configuration settings with the policies of your organization
Your company should have an IT security policy that is in-line with the compulsory software
requirements, which could include things like minimum length of a password, the strength of the
password, number of failed password attempts allowed and so on. These parameters can be
viewed using SAP transaction RSPFPAR.
2. Provide access to generic accounts
SAP has a plenty of generic user accounts, need to be incorporated by the SAP Security team,
and should be done so during the installation process itself. The USER Ids must be already
sealed up by the time the installation process is completed and the system has been set up.
3. Allocate wide access profiles
An organization needs generic Ids for accessing SAP, in addition to elite generic profiles that
provide a complete access to the entire SAP system. However, the SAP Security team should do
so only in the initial stages of the installing and set-up of the SAP system and in emergency
situations.
4. There has to be a support and access to the entire team
The SAP Security team has to build special profiles and user roles for each member of the
support staff or of each team member working on a project. The project team members are given
the SAP_ALL profile or a wide-access profile which is similar to SAP_ALL.
5. Segregation of duties and responsibilities in the organization
SAP is an integrated system in which sales, CRM, manufacturing, financials, accounting,
inventory – every module is integrated with one another. This presents great problems from the
SAP Security point of view as it is critical that crucial data doesn’t fall into the hands of people
with inadequate access or one who doesn’t have enough privileges. The management and the
monitoring of segregation of duties of SoD is an incredibly important part of the SAP Security
team’s work. The probable Sod risks how an organization does its business are determined, and
then compliance with an organization’s rules are embedded for approval and provisioning of
access provided.
6. Providing for emergency procedures and highly privileged account access
Determining organizational roles and responsibilities on a day-to-day basis is another important
part of an SAP Security team’s work. Each of the access controls mandated for a member of the
organization must be approved beforehand by the head of an SAP application support team or a
similarly important authority. The emergency access procedures and processes involve tools like
SAP GRC Super User Privilege Management (SPM).
7. Enable User access as well as housekeeping reviews
The SAP Security team must enable regular reviews of generic accounts, duplicate user IDs,
password parameters, and conduct periodic reviews to check the appropriateness of the access
thus given.
8. Change the management procedures if required
The SAP Security team must enable generic changes in management practices such as
documentation and testing of all modifications, as well as a thorough maintenance of audit trails
of business approvals that are required for all possible changes.
9. Provide access to functions that are considered to be sensitive
The SAP Security team must provide access to maintain as well as to create users and roles, to
execute operating system commands, to transport objects and transactions, to create programs
and to change them, to either open or close systems during configuration and lastly, provide the
access required to debug programs, by making it possible for users of the SAP system to bypass
any authorization checks, if required.
10. Allow for an ownership of the security processes of a business
Lastly, there has to be enough control that a business can exercise over the SAP Security in the
organization. The business must determine the SAP Security levels and understand the
implications of their implementation. The business must decide which employee is allowed
access to a particular SAP module or function and who is not.
What is ERP Systems (Enterprise Resource Planning)
Enterprise Resource Planning (ERP): – What is ERP (Enterprise Resource Planning), ERP
System, ERP software.
ERP stands for Enterprise Resource Planning. ERP Systems support business or enterprise through the organizing, planning, maintaining,
tracking and utilization of organization resources(Man, Machine, Material and Money) ERP is gate way to integrate the data and processes of an organization into single system with all
modules that supports the core business areas. Enterprise Resource Planning systems cover all basic functions of an organization Enterprise Resource Planning is developing into a Multi-Module Application Software Package
that enables business processes across the supply chain management. ERP Software allows to integrate all the operational units such as financing, human resources,
manufacturing, sales, marketing, finance & accounting, procurement, inventory management and so on.
ERP software system allows the business to achieve real time business process, increase productivity, improves delivery, reduce cost and increase profits, increase product quality, improve information and performance management.
If u get a query what is erp, simply we can explain ERP is a business suite with number of
applications that are integrated together and assist an organization in collecting, managing and
reporting information throughout the business process.
Why We Need ERP Systems Software
What is ERP system– ERP is an integrated systems of different business process for e.g. if a
company has different departments like sales department, production department, material
management, finance department, etc. so in ERP we have an integration of all the departments
and they all use common database.
1. We can have standardization of systems across locations. For e.g. for MNC companies can have different plants in different locations with standard systems.
2. Erp systems help to have a better controlling over the different process. 3. As ERP is an integrated system, it helps to provide the better reporting.
History of ERP Systems
ERP System has taken years to emerge and is still evolving. These systems are transformation and ever-changing.
Before early ERP-type systems emerged, in the prehistoric age of 1960 and early 1970’s Departmentalized systems came into picture.
In 1970’s manufacturing chain was the center of business operations. This led to the development of MRP systems.
The second phase of ERP development occurred in 1980’s which focused more on quality measures which led to the evolution of MRP II Systems.
In the 1990’s, Enterprise Resource Planning started using multi-module application to increase organizations process. ERP Systems integrates with all the modules of organization’s business modules and this led to the evolution of ERP System.
The benefits of ERP systems are: customer satisfaction, better information, productivity, increased quality and decreases in time to market, product cost, delivery time, inventory levels.
What is ERP software and its components
The important and major components of ERP systems are manufacturing, SCM, Financial
Accounting management, Human resources management and Customer relationship
management.
ERP Advantages and Disadvantages
Advantages of Implementation of an ERP system :
Reduced redundancy in entering data ERP system provides the real time information all needs of the organization in a single system. It Allow everyone to access same source and share same source of information It allows to access, update instantly and saves lot of time. Integration among different functional areas to ensure proper communication, productivity and
efficiency The Accounting for all of these tasks, tracking the Revenue, Cost and Profit on a granular level. Allow standardization of business processes and enterprise’s information. It is a single source of systems that can be used throughout the organization. ERP software enables real time information availability, reduction in inventory and cycle times.
Disadvantages of ERP Systems:-
The disadvantages of ERP systems are as follows :-
Takes a lot of effort and time and requires a lot of training Customization of the ERP software is limited, you may not allowed to design application as per
business requirements. ERP systems can be very expensive to install. ERP Systems centralize the data in one place and this can increase the risk of loss of sensitive
information in the event of a security violation. The usage of ERP system can be difficult for users, so appropriate training is to require using the
ERP software.
Before ERP
After ERP systems
What is ERP in Manufacturing
A manufacturing company could use an ERP system to track and manage virtually every
operation in the organization. Requests for Proposal (RFP) and corresponding quotes can be
entered and assigned to any large database of customers. Quotes can be changed to Sales orders
upon receipt of purchase orders, with line items and corresponding prices that represent goods to
be delivered to a customer.
What is ERP SAP
SAP is an Enterprise Resource Planning software that supports all the companies business
process. It integrates with all SAP modules and provides the accurate business solutions of
financial, sales, manufacturing etc.
Common ERP Modules
1. Sales Order (SO) 2. Purchase Order (PO) 3. Finance and Accounting 4. Manufacturing Resource Planning 5. Customer relationship management 6. Human Resources 7. Procurement 8. Marketing
The important modules in ERP SAP Systems are as follows-
What is ERP SAP FICO: – SAP FICO stands for Financial Accounting and controlling. It is
one of the important module of ERP because it store all the financial transactions data of
company. It is used for extract the financial statements of balance sheet and Profit & Loss
accounts for external reporting.
What is ERP SAP MM: – SAP MM stands for Material Management, it supports the
procurement process and inventory functions of day to day operations. SAP MM module carriers
all the activities of material planning and control, purchasing, inventory management, goods
receipt and invoice verification.
What is ERP SD: – SAP SD stands for Sales and Distribution, it handles all the process of order
to delivery and execute all the process of sales, shipping and billing of goods and services.
What is ERP SAP HR: – SAP HR is also known as HCM (Human Capital Management), it
handles all the activities of employees from hiring to final termination in organization.
What is ERP SAP ABAP: – SAP ABAP stands for Advanced Business Application
Programming; it is a fourth generation programming language that is used to develop the SAP
applications.
ERP Software Packages
Baan by Baan Corporation. PeopleSoft from oracle corporation Oracle Application JD Edwards from oracle Navision SAP from SAP AG (With total 60% market share).