Document your SAP landscape and identify compliance issues before they become an audit finding.
SAP Security Concepts wiTh Security Architect
Security Architect delivers ready-to-use security concepts for SAP that are based on best practices, SAP security guidelines, and Xiting’s decades of experience in the field.
With Security Architect, you can generate and publish a best-practice security concept and continuously monitor your SAP systems for compliance issues. When combined with Solution Manager, you can manage your global SAP security concepts and compare them against connected systems.
SAP constantly delivers new functions and extends existing functionality. But understanding the settings for these functions, as well as how your SAP security concepts must be adapted accordingly, requires extensive knowledge and a lot of time. Often, security concepts are not up-to-date – or are not available at all.
All of these factors make it difficult for security administrators to prepare for external security audits and to efficiently mitigate potential findings.
With the help of Security Architect, it is possible to generate an SAP security concept based on best practice for your SAP system environment, either per system or centrally in the Solution Manager. The creation of the security concept is either based on the delivered Xiting best practice template or on a company-owned template, which can be easily integrated into Security Architect via an upload function.
This security concept helps you to implement a secure administration of your systems and supports you in, among other things, planning a redesign. The created concept can also be consulted at any time for future IT audits or revisions.
ICS Test Functions (Check MOode)
The check mode allows you to check the current state of your systems against the target state defined in the document. This process can be done locally for one system, as well as from a central system (e.g. Solution Manager) for several systems. Thus, it is possible to test and monitor your system security configuration at any time and to save your test results. Compliance with the requirements can then be compared over time and tracked accordingly.
Compared to a manual procedure for creating and maintaining a security concept and checking systems, the use of Security Architect saves you an enormous amount of time. In addition, you always have an up-to-date and audit-compliant concept that can be easily implemented in the systems.