3 weeks ago - last edited 3 weeks ago
What are the best practices for implementing the SAP S/4HANA security baseline? We have defined parameters and critical authorization in our SAP ECC systems as per security baseline. Are there any new parameter or crtical authorizations have been introduced in S/4HANA which we have to take care of and can be mentioned in baseline security guardrails of an organisation.
Happy to hear from anyone who has worked on this and share their experience.
Hi Roy,
welcome to the community :).
That is quite an interesting topic. I have written down my thoughts for example here: https://sapinsider.org/making-sap-s-4hana-secure-from-the-start/
It basically boils down to: From a basis perspective, it is not that big of a change from an ECC system. The main change is the user access via the browser, so we have to be aware of how to do HTTP access in a secure way as well as how authorizations work in a UI5 based environment.
In addition, the HANA database and its management tools might be new to some admins as well.
But apart from that, the main changes happen on an application level. The underlying architecture is still an AS ABAP.
In addition to the Security Baseline Concept (or basically any AS ABAP security recommendation) I would also recommend to look into the S/4HANA Security Guidance in the help pages (https://help.sap.com/docs/SAP_S4HANA_ON-PREMISE?locale=en-US => Security Guide) as a starting point.
I hope this helps as a first indicator for a direction to take.
Best regards,
Tobias
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
69 | |
11 | |
10 | |
10 | |
9 | |
9 | |
6 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.