Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
www.winshuttle.com
Introduction
The SAP Business Suite contains sensitive corporate data that is essential to running your day-to-day business, while addressing dynamic business initiatives and regulatory compliance requirements. This white paper discusses in detail how Winshuttle maintains full compatibility with SAP security requirements and complies with information security best practices. It will also explain how Winshuttle supports SAPs extensive authorization functionality which protects Transactions and data from unwanted access and use. Winshuttle Transaction records the manual steps that a user takes to complete any SAP Transaction and then maps the relevant SAP fields to an Excel spreadsheet, easily creating a business process template. This template can then be run, on demand, to shuttle data between Excel and SAP, thus automating any process, while maintaining native SAP security and authorizations. Although Winshuttle products reside outside of the core SAP system, Transaction uses the SAP Remote Function Call (RFC) communication protocol to perform uploads and downloads. Transaction uploads data to the SAP system by first creating a SHUTTLE file (.TxR) recording of the SAP Transaction, then by mapping the SAP data fields to Excel fields, and finally by running the SHUTTLE file to load the Excel or Access data into the SAP Transaction. A secure connection is established with the SAP system using the users SAP logon both while creating the SHUTTLE file recording and when running the SHUTTLE file to load data. Transaction protects SAP Transactional data in a manner that meets regulatory compliance requirements such as Sarbanes-Oxley (SOX), by preserving SAPs role-based security. For SAP, this ensures that data management is performed by authorized users only on a least privileged access basis.
Figure 1: Winshuttle Security Architecture Using the RFC API, Transaction issues a single function call to SAP at runtime to enable synchronous communication between Transaction and the SAP server. In this case, the receiving SAP system must be active and able to accept and process RFC calls. For more information about the SAP RFC API, go to: http://help.sap.com/saphelp_nw04/helpdata/en/22/04280f488911d189490000e829fbbd/ content.htm
1.
When the Transaction user logs on, they are authenticated using their credentials from the SAP server as if they are logging on to the SAP server using SAP GUI.
2. The Transaction user requires RFC authorization in SAP to allow remote access to SAP functions. User RFC authorization is controlled by the SAP authorization object S_RFC. See the Transaction Authorization Requirements section below for more information. 3. The users SAP system credentials provide the authorization to run Transaction with a specific SAP Transaction. This ensures that the Transaction user can transfer data only to the SAP Transactions to which the user is authorized. For example, in order to create additional master records, the user must be authorized to run the MM01 Transaction. In addition, Winshuttles Central product enables SAP system administrators to establish finegrained control of usage for Transaction users. See the Central section below for more information.
4. Transaction reads data from one or several Excel files or Access tables, converts the data from its source format to the SAP target format, and performs an RFC CALL Transaction function in SAP. If the Transaction cannot be finished due to a lack of required data, data inconsistencies, or for any technical reason, SAP rolls back the Transaction in a way similar to a manual Transaction update. 5. When the CALL Transaction is completed, either a success or failure message is passed from SAP to Transaction. Transaction writes the messages returned by SAP for each CALL Transaction back into the Excel file or Access Table.
Summary
Loading data into and extracting data from your SAP system is a critical activity that requires the proper controls, security and workflows. In order to be adequately protected, it is best to use existing security profiles and controls. Additionally, Governance, Risk and Compliance (GRC) best practices require complete traceability of these activities.
Winshuttle is the ERP Usability Company, providing software products that enable business users to work with SAP directly from Excel, Web forms and other interfaces without any programming. Winshuttle focuses on a simple fact when using SAP applications, time is money. Winshuttles usability solutions radically accelerate SAP user Transactions, saving and redirecting millions of dollars for SAPs customers every day. These financial benefits are achieved by significantly reducing employee and contractor costs and increasing resources to address more strategic priorities. Hundreds of customers use Winshuttle to make their SAP lives easier. Headquartered in Bothell, Washington, Winshuttle has offices in the United Kingdom, France, Germany, and India. For more information, visit www.winshuttle.com.
Corporate Headquarters
Bothell, WA Tel + 1 (800) 711-9798 Fax + 1 (425) 527-6666 www.winshuttle.com
United Kingdom
London, U.K. Tel +44 (0) 208 704 4170 Fax +44 (0) 208 711 2665 www.winshuttle.co.uk
Germany
Bremerhaven, Germany Tel +49 (0) 471 140840 Fax +49 (0) 471 1701902 www.winshuttle-software.de
France
Maisons-Alfort, France Tel +33 (0) 148 937 171 Fax +33 (0) 143 683 768 www.winshuttle.fr
India
Research & Development Chandigarh, India Tel +91 (0) 172 465 5941 www.winshuttle.in