6\VWHP $GPLQLVWUDWLRQ 0DGH (DV\

Chapter 11: Security AdministrationSecurity Layers Intrusion alert Environmental alerts Backups Backup tapes should be sent to a secure, off-site data storage facility.This step protects the backup data from damage or destruction a disaster. Tapes at both the off-site backup and the on-site tape storage facilities must besecured to prevent the theft of the backup tapes.If the backup tapes were stolen, the data can be restored and hacked. Using databasetools, most R/3 security could be bypassed by directly reading the tables.Also see the Password section in this chapter.This process prevents users from logging onto the system multiple times. Multiple userlogons is when several users are sharing a user ID, or someone is using a user’s ID withoutthe user’s knowledge. Preventing multiple user logons is not allowing more than one R/3logon from one user ID.If several people share a user ID: You do not know who created a problem. This situation is an audit security issue.Set the disable multi-login parameter (login/disable_multi_gui_login) in the system profile.You can “allow” specific users to log on multiple times by entering their user IDs in theparameter login/multi_login_users separated by commas and no spaces.The production system should be set to Not modifiable. The “locks” on the system should beset so that configuration changes (client-independent and client-dependent) cannot be madedirectly into the production system. The purpose for this setting is to ensure that all changesare completed in a controlled manner.System Administration Made Easy11–11