Throughout the year, SAP releases numerous security patches and updates. For some security administrators this means that they will need to make time to implement these updates into their own system; however, this task tends to be overlooked by many. If you've never performed a security update to SAP, or would just like to audit your system's security patches, the task is very simple and can be performed in a few short steps.
In order to check your security system, you will need to run SAP Report RSECNOTE. This can be done via transaction ST13.
Executing the RSECNOTE report via ST13.
Once you have executed the report, you should see a list of security patches that your system is missing. These are color coded based off of severity, red being the most critical. Each security patch will have a corresponding OSS Note that should be applied to the system in order to alleviate that particular security risk.
RSECNOTE security patch results.
Performing a security patch to your SAP system should not affect your business operations, as it will not cause a lock within the system. It should also not have any adverse effects to your transactions and/or programs, unless they happened to have a security risk that was patched during the update. All in all, it should become a common practice to periodically check this report for any available security updates, and to resolve any issues.
In order to check your security system, you will need to run SAP Report RSECNOTE. This can be done via transaction ST13.
Once you have executed the report, you should see a list of security patches that your system is missing. These are color coded based off of severity, red being the most critical. Each security patch will have a corresponding OSS Note that should be applied to the system in order to alleviate that particular security risk.
Performing a security patch to your SAP system should not affect your business operations, as it will not cause a lock within the system. It should also not have any adverse effects to your transactions and/or programs, unless they happened to have a security risk that was patched during the update. All in all, it should become a common practice to periodically check this report for any available security updates, and to resolve any issues.