Who said that in order to have powerful systems you need to have many resources?
How can a small enterprise be compete with a big corporation?
What is an SME?
The European Union provides a definition of what SME are, see here
One of the difficulties that this type of enterprise has is the lack of strategy and vision in terms of security, including in the SAP security. This means that they have a contingent approach, without any overall view.
Which are the most common struggles?
They are many, even if they're not true in all contexts. These are:
- Limited expertise on very vertical solutions (internal or external)
- New software management or tools
- Costs for hardware and software in general
- A lacking of strategic vision on security topics
What can a new software simplify? It's true, it's rare for a new software to just resolve the problem. In most cases though, if this is set correctly, it can make things easier.
That would be the case, for example, for the SecurityBridge suite. With its modules it's possible to understand and evaluate risks on SAP systems. All of this taking advantage of the limited footprint of the already existing resources or through a dedicated outsourcing service.
What is SecurityBridge?
SecurityBridge is a suite, certified by SAP AG, that allows to control in real time:
- Threat exposure
- Vulnerabilities
- Code security
- Patch management
- Management and control of interfaces
It can be utilized in ABAP systems starting from Basis version 7.3x and can be used both via WebDynpro interface and FIORI interface. In this last case the presence of a SAP Gateway is needed. In the image below you can see the FIORI SecurityBridge launchpad
Where can you install it and what does it allow you to do?
The installation is quite simple since it's based on the loading of Change Requests through the standard transport system (TSM).
Having an ABAP based system with the cited requisites is enough, as it has to assume the role of controller on which the tool and the base configurations are installed.
Afterwards the systems that need to be supervised can be connected. On these only the run-time (Agent) part is installed, and they receive the Controller's configurations, as in the image below, where you can see two SAP ERP systems and an S/4HANA system, as well as SAP Solution Manager (Controller)
By this point on the Controller system it's already possible to run analysis both on the "static level" (global status of the system security) and the "dynamic level" (real time event collection).
Below it's possible to see for every connected system the controls that were run and the entity of risk. It's also possible to have a segregated view (Area of responsibility), which is useful to address various incidents to the right teams.
If we delve into the details it's possible to find, for example in the Identity and Access part, the details of controls:
While at the dynamic level it's possible to see the events and use the dashboards for the detailed navigation
For every type of information, you can descend to a deeper level of detail until you get you single events.
The generated events can be then shared with a SIEM or SOAR for more analysis.
Do you want to learn more about how to control your systems with this tools?
Blog post originally translated from: https://www.aglea.com/blog/sap-cyber-security-per-pmi
Ask for a demonstration!