Any known security best practices to follow for FMS deployment

Similar Messages

• SAP HANA Security - Best Practice for Access to Schemas??

  Hi,
  Currently we don'y have a defined Security model in HANA Studio.Neither there is no defined duties of a BASIS / Security / Developers.
  I want to understand what best practices are followed at other customers for defining security for Schema.
  1. Who should be creating the schema for Developers / Modelers?
  2. Should we use our own ID's to create/maintain these Schema or a Generic ID?
  Right now, when developers log in to Studio, by default they are assigned to their own schema (User ID) and they create objects under that.
  We(Security team), face issues when other developers need access to schema of another user as they want to develop objects under schema of different user
  Also, who should be owning the "SYSTEM" user ID and what steps needs to be done whenever a new schema is created.
  Thanks for the help in advance.

  Hi,
  I created a project (JDeveloper) with local xsd-files and tried to delete and recreate them in the structure pane with references to a version on the application server. After reopening the project I deployed it successfully to the bpel server. The process is working fine, but in the structure pane there is no information about any of the xsds anymore and the payload in the variables there is an exception (problem building schema).
  How does bpel know where to look for the xsd-files and how does the mapping still work?
  This cannot be the way to do it correctly. Do I have a chance to rework an existing project or do I have to rebuild it from scratch in order to have all the references right?
  Thanks for any clue.
  Bette

• HANA Security - Best Practices for Schema??

  Hi,
  Currently we don'y have a defined Security model in HANA Studio.Neither there is no defined duties of a BASIS / Security / Developers.
  I want to understand what best practices are followed at other customers for defining security for Schema.
  1. Who should be creating the schema for Developers / Modelers?
  2. Should we use our own ID's to create/maintain these Schema or a Generic ID?
  Right now, when developers log in to Studio, by default they are assigned to their own schema (User ID) and they create objects under that.
  We(Security team), face issues when other developers need access to schema of another user as they want to develop objects under schema of different user
  Also, who should be owning the "SYSTEM" user ID and what steps needs to be done whenever a new schema is created.
  Thanks for the help in advance.

  >So, if we follow this approach, who should be creating the schema as design time?
  Not sure what you mean by that.  We call this design time because you are creating an artifact in the repository and the catalog object doesn't get created until you activate that design time object.
  > Security Administrator or Developer/Modeler?
  Doesn't really matter. Depends upon your process. However I would say most of the time the developer creates the schema.  The developer doesn't immediately get access to the new schema.  He/She must create a role and that role has to be granted to them before they can see the objects in the new schema.
  >Also, for our current scenario, where developers are doing changes in their own schema, what should be done as a Security Administrator to assign access to a user schema to other developers?
  They shouldn't be creating objects in their user schema.  That user schema is for internal usage - like the creation of temporary objects. It shouldn't be used for any development.

• Is there any best practice or standard for database object naming ?

  Hi
  Thank you for reading my post
  is there any standard or best practice for databse objects naming ?
  for example how should we name columns of a table ? should it be like TOTAL_VOTE or TOTALVOTE and many other items.
  Thanks

  what does oracle suggest as a naming schema for tables , fields , views. indexes , tablespaces , ... If you look at the data dictionary you will see that not even Oracle keeps rigidly to any specific standard, although there are tendencies :)
  "The nice thing about standards is that there are so many of them to choose from."      
  -- Andrew Tannenbaum
  Cheers, APC

• SAP and BOBJ XI 3.x Integrated Security Best Practice

  I am trying to find any information around SAP and BOBJ XI 3.x Integrated Security Best Practice.
  So far i think it is uninversally agred that you should :
  1. Utilise the Business Objects platform security model to secure applications, folders and reports.
  2. Use BEx queries as the data source for Business Objects Universes and keep the number BEx queries to a minimum
  3. Use SAP authorisations over the BEx queries to secure report data at a row level.
  Has anyone seen any formal SAP Best Practice document or have any info to add ?
  Andrew

  Hi,
  those three items are all correct. In terms of security you can find lots of material in the standard BW help.
  in terms of query design / universe:
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/008d15dc-f76c-2b10-968a-fafe5a121129
  https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b0320722-741c-2c10-afab-93b5c0fc7e96
  ingo

• Remoting Security: Best Practice

  I am exploring Remoting and I am curious about security best practice. By default, Enable-PSRemoting will configure an HTTP listener that listens to all addresses. Initially I thought this address was the addresses of the computer making
  the demoting request, but it isn't, it's the address on the local machine that is doing the listening. My reason for thinking this was the controller machine IP was that I thought I might want to limit successful remote requests to just the one machine. From
  a security standpoint this seemed better than letting any machine initiate a remote session. I know that the remote session is limited by the permissions of the user initiating, so any real threat is only because I have already been breached anyway. But still,
  I wonder if there is a way, and value, in limiting remoting to a subset of machines?
  Or is the default here really fine from a security standpoint as well?
  Thanks!
  Gordon

  It is most secure to configure remoting and restrict it using Group Policy.  GP will let you define subnets for both ends of the conversation network wide.
  \_(ツ)_/

• Best practice DISK Layout for E-business suite 11i or R12 in SAN enviornmen

  Hi,
  Does any one have any document on best practices on DISK Layout for E-business suite 11i or R12 in SAN enviornment?
  My thoughts are :
  Mount point 1 =Oracle Binary
  Mount point 2 =Data files
  Mount point 2 =Index files
  Mount point 2 =Archived logs
  Please suggest

  On our HPUX node, we have each environment (PROD, TEST, DEV) on it's own separate mountpoint. Each mountpoint is a separate LUN (Vdisk) on our SAN (an HP EVA4400). No performance issues at all. Our Windows nodes runs Apache and forms, and that is on the internal disks on the windows machine itself. Hope this helps.

• Best Practice: Export unrendered for internet

  Hi
  As I recall, in previous versions of FCPX  it was considered best practice, at least for exports for web, to export unrendered.
  Still true? Ever true for all other export reasons?
  I want to post a rough of a film on youtube, unlisted, for a few friends to comment on.
  best
  elmer
  Btw, always seems like when I open my browser while fcpx is open, I get problems and have to delete my prefs to get back to normal. Any reason why? Just curious.

  Steve: If these are bitmaps inside a PDF that's going to be viewed on the iPad, you cannot rely on its "native resolution". Think about this: What if the original page size of this PDF is 5.5" x 8"? What if it is 20" x 32"? Which one will show the images "at their native resolution"?

• [More information] 'SAP Best Practices Baseline package for Brazil V3.607'

  Hi.
  When I study 'SAP Best Practices Baseline package for
  Brazil V3.607', I wonder somthing.
  I want solution of problem.
  ---------Problem---------
  In '100: SAP Best Practices Installation' document on point 3.4 Define Tax Jurisdiction Code it says
  Enter the Jurisdiction Codes according to the document SMB41_J_1BTXJURV_B020_NFE.TXT.
  I have search the internet for this document and the only hit is the actual Best practice document.
  Does anybody knows where to get this document?
  ASAP, reply for me.
  Thanks.

  Dear Dimitry,
  the Best Practice baseline content is freely available to anyone w/o any charge.
  You find the whole content about it at:
  SAP Best Practices package for Russia V3.607 (English)
  SAP Best Practices package for Russia V3.607 (Russian)
  Kind Regards,
  Jan

• Install Best Practices- Baseline Package for ECC 6.0 EHP4

  Hi All,
  I know its not the right forum to post this message, but posting here as i didnt get the info from the related forum, apologies for that.
  Now we are planning to install SAP Best practices-Baseline Packages for ECC-EHP4 in our new server.
  Can anybody help me out what are the steps to be carried out. Now we have completed installation of Linux & we want to install BP for General, not for any specific industry.
  B/regds,
  CB

  Please post this question in SAP Basis Forum.
  Alternatively, you can check documents in scribd/ help.sap.com
  Raghavan

• SAP Best Practices Baseline package for Russia V3.607

  Dear colleagues,
  My partner - BearingPoint Russia - has an interest to SAP Best Practices Baseline package for Russia V3.607
  Would you please help to find the contact whom they can ask the questions about content & price to?
  Best regards,
  Dmitry Popov

  Dear Dimitry,
  the Best Practice baseline content is freely available to anyone w/o any charge.
  You find the whole content about it at:
  SAP Best Practices package for Russia V3.607 (English)
  SAP Best Practices package for Russia V3.607 (Russian)
  Kind Regards,
  Jan

• Best Practices Building Blocks for CRM 5.0 & CRM 2007

  Hi Experts,
  Where can I find Best Practices Building Blocks for CRM 5.0 & CRM 2007?
  Thanks in advance,
  Vishwa.

  Hi
  Go to: http://help.sap.com/
  Click on the Best Practices Tab,
  Then Cross-Industry Packages,
  Then Customer Relationship Management
  They should all be under there.
  Regards
  Arden

• Looking for best practice / installation guide for grid agent for RAC

  I am looking for best practice / installation guide for grid agent for RAC, running on windows server.
  Thanks.

  Please refer :
  MOS note Id : [ID 378037.1] -- How To Install Oracle 10g Grid Agent On RAC
  http://repettas.wordpress.com/2007/10/21/how-to-install-oracle-10g-grid-agent-on-rac/
  Regards
  Rajesh

• Need best practice configuration document for ISU CCS

  I am working on ISU CCS project. i need  best practice cofiguration document for
  Contract management
  Collections management
  Invoicing
  Work Management as it relates to ERP Billing.
  Thanks
  Priya
  priyapandey.sapcrmatgmailcom

  Which version are you setting up and what are the requirements? IF you are discussing the use of NIC bonding for high availability beginning in 11.2.0.2 there is a concept of "High Availability IP" of HAIP as discussed in the pre-installation chapters,
  http://docs.oracle.com/cd/E11882_01/install.112/e22489/prelinux.htm, section 2.7.1 Network Hardware Requirements.
  In essence, using HAIP eliminates the need to use NIC bonding to provide for redundancy.

• What are Printing Security Best Practices for Advanced Features

  In the Networking > Advanced "Enabled Features" what are the best practices settings for security. Trying to find out what all of these are.  Can't find them in the documentation. Particularly eCCL & eFCL?
  Enabled Features
  IPv4 IPv6 DHCP DHCPv6 BOOTP AUTOIP LPD Printing 9100 Printing LPD Banner Page Printing Bonjour AirPrint LLMNR IPP Printing IPPS Printing FTP Printing WS-Discovery WS-Print SLP Telnet configuration TFTP Configuration File ARP-Ping eCCL eFCLEnable DHCPv4 FQDN compliance with RFC 4702
  Thanks,
  John

  I do work with the LAST archived project file, which contains ALL necessary resources to edit the video.  But then if I add video clips to the project, these newly added clips are NOT in the archived project, so I archive it again.
  The more I think about it, the more I like this workflow.  One disadvantage as you said is duplicate videos and resource files.  But a couple of advantages I like are:
  1. You can revert to a previous version if there are any issues with a newer version, e.g., project corruption.
  2. You can open the archived project ANYWHERE, and all video and resource files are available.
  In terms of a larger project containing dozens of individual clips like my upcoming 2013 video highlights video of my 4  year old, I'll delete older archived projects as I go, and save maybe a couple of previous archived projects, in case I want to revert to these projects.
  If you are familiar with the lack of project management iMovie, then you will know why I am elated to be using Premiere Elements 12, and being able to manage projects at all!
  Thanks again for your help, I'm looking forward to starting my next video project.