SAP Security Online / In-Class Training SAP Security With the increasing use of distributed systems to manage business data, the demands on security are also on the rise. When using a distributed system, you need to be sure that your data and processes support your business needs without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation on your system should not result in loss of information or processing time. These demands on security apply likewise to the SAP R/3 System.
When establishing your security policy, you need to decide what information or processes you consider critical. You need to decide what type of protection you need for this information. Your security policy should encompass aspects such as:
Authentication: It is important to only allow legitimate users access to your system and prevent users from being impersonated
Authorization: It is important that users can only perform tasks for which they are authorized.
Integrity: It is important that data cannot be changed without detection! · Privacy It is important to protect data or communications from unauthorized viewing or eavesdropping.
Obligation: (non-repudiation) It is important to be able to ensure liability and legal obligation.
Auditing: It is important to record activities and events for future references.