Start of Content Area

Background documentation Introduction  Locate the document in its SAP Library structure

Caution This guide should not be regarded as a substitute for a daily operational manual as recommended by SAP.

Target Group

·        Technology consultants

·        System administrators

The information contained in this document is not contained in the installation and configuration guides or the technical manuals and upgrade guides of the components cited below. Such guides are only relevant for a certain phase of the software life cycle, whereas security guides provide information that is relevant for all life cycle phases.

Why Is Security Necessary?

With the increasing use of distributed systems and the Internet for managing business data, greater emphasis is being placed on the need for security. When using a distributed system, you need to be sure that your data and processes support your business needs without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation of your system must not result in loss of information or processing time. These security requirements also apply to Contract Accounts Receivable and Payable (FI-CA). This document is intended to help you make Contract Accounts Receivable and Payable (FI-CA) more secure.

About this Document

The security guides give you an overview of the information for secure operation of Contract Accounts Receivable and Payable (FI-CA). This guide cross-references information in existing security guides where available, or other relevant documentation where security aspects are discussed.

As Contract Accounts Receivable and Payable (FI-CA) is based on and uses SAP NetWeaver technology, it is essential you consult the SAP NetWeaver security guide: see SAP Help Portal at help.sap.com ® Documentation ® SAP NetWeaver ® Release/Language ® SAP NetWeaver ® Security ® SAP NetWeaver Security Guide.

To view all of the security guides published by SAP, see SAP Service Marketplace at service.sap.com/securityguide.

Overview of the Main Sections

The security guide comprises the following main sections:

·        Before You Start
This section contains information about why security is necessary, how to use this document, and references to other security guides that are a basis for this security guide.

·        Technical System Landscape
This section is an overview of the technical components and communication paths used by Contract Accounts Receivable and Payable (FI-CA).

·        User Management and Authentication
This section provides an overview of the following user management and authentication aspects:

¡        Recommended tools for user management.

¡        User types required for Contract Accounts Receivable and Payable (FI-CA)

¡        Standard users delivered with Contract Accounts Receivable and Payable (FI-CA)

¡        Overview of the user synchronization strategy, if several components or products are integrated

¡        Overview of integration options in single sign-on environments

·        Authorizations
This section provides an overview of the authorization concept that applies for Contract Accounts Receivable and Payable (FI-CA).

·        Network and Communication Security
This section provides an overview of the communication paths used by Contract Accounts Receivable and Payable (FI-CA) and the security mechanisms to be used. It also includes our recommendations for the network topology to restrict access at the network level.

·        Data Storage Security
This section provides an overview of all critical data used by Contract Accounts Receivable and Payable (FI-CA) and the security mechanisms to be used.

·        Trace and Log Files
This section provides an overview of the trace and log files that contain information relevant for security and that enable you to reproduce the activities in the case of security violations, for example.

 

End of Content Area