Server-to-server communications can be encrypted with the SAP cryptographic library. With the recent acquisition of relevant parts of SECUDE, SAP can now provide cryptography libraries with SAP R/3 for Secure Network Communications and Secure Socket.
SAP R/3, Net weaver Technologies SAP Security 1. Elements of SAP Authorization Concepts 2. User Master Record 3. Working with Profile Generator (Roles, Composite Roles, Derived Roles, Customizing Roles) 4. Access Control and User administration (password Rules, special users, Authorization Administration) 5. Analysis and monitoring functions. 6. Special Authorization Components (Express Profile Gen) 7. Transport of authorization components 8. Automation of initial Loads 9. Central User Administration 10. Configuring and Using Basis Security Audit Tools Configuration of the Audit Log Reading the Audit Log 11. Controlling Transaction Codes, Tables, Programs Auditing the protection of transaction code execution Auditing the protection of direct table access Auditing the protection of direct program execution Auditing the protection of developer access 12. Securing User and Group Administration User Information System for Audits Decentralized security approaches Trace tools for users that can be used to support audits Auditing standard SAP users Auditing user related security parameters 13. Change Management and Security SAP recommended system landscape Approval processes for change management Auditing system change options and client change options Roles and responsibilities for change management 14. Securing System Administration Services in Production Auditing security for background processing Auditing security for spool, operating system commands System authorizations required for end-users Auditing RFC destinations 15. BW Security Review 16. Enterprise Portals Security Review 17. HR Security Review 18. SECATT script for Mass user creation 19. Background job monitoing 20. Profile Paramters for Security SAP GRC • Installation, setup and upgrades • Components of GRC Access Control • Configuring RAR • Segregation of duties (SoD) analysis • Rule design, configuration and testing • Access violation remediation • Firefighter(SPM) access setup • Custom report development • Mitigation Controls Assessment & Improvement • Configuring Role Expert • SAP security role design using role expert • Working with SAP CUP • GRC Repository