Have you replaced the database with SAP HANA? There are several new Security features to activate!
Enable all features for SAP HANA Security! Follow the tips to protect data and ensure database compliance.
It's possible to use Transport Layer Security (TLS)/Secure Sockets Layer (SSL) protocol to protect communication between client-servers and for internal communications. During the installation Durante l'installazione is defined a PKI (Public Key Infrastructure) for the certificates management.
In the HANA database is possible to encrypt the data managed on disk, the logs and also the backups.
The encryption algorithm used, is AES-256-CBC (Advanced Encryption Standard - Cipher Blocker Chaining).
If you don't have Single Sign On (SSO) system, define your password policy in the HANA environment. It's possible to manage the complexity of passwords in SAP HANA Cockpit or through SAP HANA Studio.
Information is then stored in the file indexserver.ini (modifying this file, although possible, is not recommended)
Through the table SYS_PASSWORD_BLACKLIST similar to USR40 (of illegal password in SAP ECC) it's possible to define a list of trivial or illegal passwords. By default, this table is empty.
One of the important aspects in the audit phase of HANA environment is the verification of the activation of the logs. They aren't active by default.
Any more details on this? Sign up for the course HA240 or read here which are all the Security SAP courses.
Blog post originally translated from: https://www.aglea.com/blog/sap-hana-security-4-suggerimenti-operativi