Deutsch
English
Polski
 Home Company Newsletter Jobs Imprint Contact Search  

Business Consulting
Microsoft / .NET
Outsourcing and Services
Java / SAP
International projects
Projekte und Softwareentwicklung
JBoss/JEMS & Open Source
Systemintegration
Agiles Vorgehen u. Methodik
Bankenberatung
Lösungen
SAP- and NetWeaver Consulting
SAP Security Consulting and Auditing
Schulungen
Referenzen

SAP Security Consulting and Auditing

It is virtually impossible for “normal” administrators to maintain full control over the complexity of an SAP integrated system. Incorrect system settings in the SAP system, operating system or database often lead to major security problems. Every addition of new software components with their own system parameters and authorisation concepts increases the risk that gaps in the system will remain hidden. The authorisation and role concept is extremely complicated, with the result that far too many users work in the productive system with administrator authorisation and no one can really monitor their activities.

Product SAST – System Audit and Security Toolkit for SAP R/3

SAST provides answers to all of the questions concerning SAP security thanks to its modular design. All of the checks are always carried out for all clients and throughout the entire system. The module SystemTrack contains many diverse functions to analyse and raise automatically the security level of SAP systems. The module AdminTrack enables defined administrators or support users to activate a pre-defined emergency ID with a mouse click and use it after describing the planned activities. SAST records all of the activities during the support session and makes the report available to an auditor by e-mail or online. Administrators can work in normal operation and without SAP_ALL.

 

Consulting Services Related to SAST

Our consulting products “SAP Security Analysis” contains all of the services in a single package and at a fixed price – from the SAST installation to presentation of the final report. The scope of the consulting services is closely oriented to the SAP security guidelines and the specifications of SAP AG as well as legal requirements established by BDSG (Federal Data Protection Act) and GOB (German Accounting Principles). Moreover, our experienced personnel can help you on the basis of the analysis results to establish control mechanisms in accordance with KontraG/SOX or to make settings relevant to security correctly, etc.

 

Security Training for Users and Administrators

Secure operation of R/3 systems requires comprehensive know-how. In the course of in-house training, our consultants bring you up to date on the latest in R/3 security concepts and parameters. Current weaknesses in the system as well as traps during configuration are described and discussed in detail. A practice-oriented training approach guarantees that security measures can be implemented by the training participants reliably and specifically. The training programme is oriented in content to the SAP courses ADM940 and ADM950.

 

 

Contact:

Ralf Kempf, manager
Fon: +49 (0)40 88 173-0
Video-Statement

References:

 

Print Page: