How to Handle the Threats within SAP Transport Management

Typically, SAP system landscapes consist of at least three systems - production, quality assurance and development.

SAP Transport Management is used to manage the delivery of development objects, patches, and roles to ensure your organisation has a consistent update level throughout the whole landscape.

Usually, users in development systems, such as transport management, have a wide range of authorisations to analyse and fix. Additionally, they often need to be authorised to attach changes into a transport system and deliver them to subsequent systems.

This inevitable concept is also a massive threat in several layers. It means even the most restricted production system can be easily changed by the user, especially if you aren’t paying attention to the whole landscape.

In this session, Ralf Kempf will introduce you to the threats within an SAP Transportation System. He will also demonstrate these threats and discuss the different security layers to minimise weak points, detect possible threats and show the limits of SAP built-in tools.

Transports are an essential part of an SAP environment. They are used to transfer changes from one system to another, to implement new functions, apply updates, and install third-party applications. Change management in SAP is impossible without transports.

However, there are also a large number of potential security risks in the context of transports; compliance requirements can be circumvented, or other unwanted activities can be concealed. Therefore, transports into SAP systems should always be controlled.

A manual content check of all transports, however, is not a practical option because of the sheer volume of data. By using a tool-based analysis, this effort can be significantly reduced, and transports can be automatically checked for security, compliance, and quality issues even before they are released.