Throughout the world, high-profile large organizations (aerospace and defense, automotive, banking, chemicals, financial service providers, healthcare, high tech, insurance, oil and gas, pharmaceuticals, retail, telecommunications, and utilities) and governments are using SAP software to process their most mission-critical, highly sensitive data. With more than 100,000 installations, SAP is the world's largest enterprise software company and the world's third largest independent software supplier overall. Despite this widespread use, there have been very few books written on SAP implementation and security, despite a great deal of interest. (There are 220,000 members in an on-line SAP 'community' seeking information, ideas and tools on the IT Toolbox Website alone.) Managing SAP user authentication and authorizations is becoming more complex than ever, as there are more and more SAP products involved that have very different access issues. It's a complex area that requires focused expertise.This book is designed for these network and systems administrator who deal with the complexity of having to make judgmental decisions regarding enormously complicated and technical data in the SAP landscape, as well as pay attention to new compliance rules and security regulations.Most SAP users experience significant challenges when trying to manage and mitigate the risks in existing or new security solutions and usually end up facing repetitive, expensive re-work and perpetuated compliance challenges. This book is designed to help them properly and efficiently manage these challenges on an ongoing basis. It aims to remove the 'Black Box' mystique that surrounds SAP security.
* The most comprehensive coverage of the essentials of SAP security currently available: risk and control management, identity and access management, data protection and privacy, corporate governance, legal and regulatory compliance.
* This book contains information about SAP security that is not available anywhere else to help the reader avoid the "gotchas" that may leave them vulnerable during times of upgrade or other system changes
*Companion Web site provides custom SAP scripts, which readers can download to install, configure and troubleshoot SAP.
SAP analysts/specialists/architects, SAP consultants, network and systems administrators, SAP analysts/specialists, SAP consultants, IT security staff, IT security consultants, security analysts/engineers, IT auditors
Table of Contents
SAP Security Introduction; Authorization Concept and Security Mechanics; Security Administration and Parameters; Security: Authorization Documentation and Tracing; Transaction Security; Table Security; Program Security; Profile Generator; Interfaces and Conversions; Systems Monitoring and Management; System Profiles; Job Scheduling; Programming; Database management and monitoring; Technical Infrastructure; Identity and Access Management; Data Protection; Platform/Operating System Security; Vulnerability Management; Secure Change Management; Disaster Recovery; Regulatory Compliance, Auditing, Governance & Risk Compliance