SAP HANA Security
SAP S/4HANA brings not only a change in processes, but also a change in technologies. And when speaking of changes in technologies, the matter of security becomes more important than ever. This also applies to the new platform for SAP S/4HANA. New interfaces, new functions and new tools bring new challenges. Thatās why Xiting focuses on helping you secure your SAP HANA environment.
SAP HANA Database Authorization Concept and Check
The user groups using the SAP HANA database often changes. Many more user groups (particularly developers) are operating in SAP HANA databases. What is new in SAP S/4HANA is that the need for access to the SAP HANA database is mostly limited to developers (for example, for mixed, complex modeling in BW), as users use analytical Fiori apps.
We are available to discuss these access requirements with you in workshops meant to clarify security relevant aspects of your overall user role system depending on the application scenario. We support you in mapping security relevant aspects in a role concept and in creating an effective control environment in SAP HANA. If youāre already using SAP HANA, we will help you assess your situation, identify optimization potential, and establish best practice approaches.
- Best practices for SAP HANA roles and privileges
- SAP HANA authorization concepts
- Reporting in the field of SAP HANA security with XAMS
- Advice on the use and benefits of SAP HANA Extended Application Services (XS Classic and XS Advanced)
Are you interested in our HANA services?
Contact us for a non-binding offer!
SAP HANA Services in Detail
Your Challenge
If your answer is āyesā to one or more of the following questions, the SAP HANA Services developed by Xiting can be of great value:
- Did you recently implement an SAP HANA database or SAP HANA as a platform (using XS Advanced)?
- Do you need a better understanding of what using a new SAP database or platform means for you in terms of risks and controls, or from an operational perspective, for your roles and authorizations?
- Are you unsure how authorizations should be administered in SAP HANA, and what an SAP HANA authorization concept should look like?
- Are you curious about the role of Core Data Services and the difference between ABAP CDS and HANA CDS views?
- You want to know how to achieve your audit requirements?
We help you to analyze these questions in order to gain a better understanding of the concepts above ā regardless of whether you use SAP HANA for an ERP 6.0 or SAP S/4HANA.
Our Solution
With the aid of SAP HANA Services developed by Xiting, we clearly explain the different tools for administration and management. We present the advantages and disadvantages of SAP HANA Cockpit, Web IDE and SAP HANA Studio, and show you which authorizations are required. We explain what role the SAP HANA Extended Application Services (XS Classic/XS Advanced) play, and how to deal with them from an authorization and compliance point of view. We support you in setting up and implementing the authorization roles in your SAP
HANA database, or if it already exists, in assessing the quality of your SAP HANA authorization concept.
Authorization administrators must be able to create roles, manage password rules and user (groups), and track down authorization problems. Our services provide you with the necessary know-how and help you master these challenges.
We help you to be optimally prepared for emergency situations, as well as to meet the recommendations of SAP to block critical users, such as SYSTEM. We will show you what contribution the XAMS can have when it comes to quality assurance of the role concept, emergency user management and risk analysis.
SAP HANA Services
Best Practice Workshop
- Establishing a common understanding of SAP HANA and clarification of terminology.
- Presentation of the possible application scenarios of an SAP HANA database and the resulting effects on the system landscape and its security requirements.
-
Presentation of the SAP HANA security functionalities, such as:
- Authorization (User, Roles, Privileges)
- Authentication (Password Security, SSO)
- Data Protection (Data Masking, Anonymization)
- Change Logging (Auditing) - Experience from various SAP HANA authorization projects which have been put into practice.
Authorization Concept
- Workshop to discuss a basic SAP HANA authorization concept as well as the development of an SAP HANA role concept.
- Implementation of the defined roles in an SAP HANA database system/system network.
- Clarification of the transport methodology used and implementation of authorization tests.
- Assignment of the previously created roles to the respective user types.
- Definition and activation of change logging (auditing).
- Creation and provision of the complete documentation.
Security Check
- Review of your SAP HANA database based on defined criteria in authorization management and system configuration.
- Demonstration of best practices in authorization management in SAP HANA.
- Documentation and evaluation of the results.
- Recommendations for action.
Ruleset
- Workshop to define an SAP HANA ruleset for risk analysis.
- Clarification of the processes and responsibilities in the risk analysis.
- Implementation of the rules.
- Conducting a risk analysis.
- Assessment and mitigation of risks.