SAP RFC Security

Posted by Andrea Mazzolani (translation) on Dec 2, 2022 12:00:00 AM

RFC means Remote Function Call and it's the SAP standard interface that make the systems communicate between eachother.

 

Failing to configure this aspect can expose the system to a series of security problems. There are multiple aspects to keep in mind. In this article we will talk about how to protect the system from RFC calls made from third party systems or from other SAP systems.

Read More

Topics: UCON, rfc, rfc security

SAP Data Loss Prevention, what to do?

Posted by Andrea Mazzolani (translation) on Nov 11, 2022 12:00:00 AM

What does Data Loss Prevention mean?

 

It means to "put in place" all the possible actions to prevent non-authorized data leaks.

 

Data leak and data loss have multiple meanings. But what can you do in SAP?

Fuga di dati e perdita di dati hanno significati molteplici. Ma come è possibile fare in SAP?

Read More

Topics: SAP audit, soar, sap etd, sap siem, sap hana, data loss prevention, SAP DLP, rfc security

System Users with SAP_ALL assigned, no thanks!

Posted by Fabio Mambretti on Jun 24, 2022 12:00:00 AM

This one's a bad habit. Most common causes are:

 

  • Project necessities not better detailed
  • Scarse sensibility towards data security
  • Scarse knowledge of potential problems of this action

 

Why should you remove these users, even non-interactive ones, ASAP? Let's see some examples!

Read More

Topics: sap_all, auditing, rfc, rfc destination, rfc security, system users

Yes Subscribe!

Blog Aglea, what you could find out?

Every Friday a new post, interview or content related to SAP Security.

  • Tips on how to design SAP Security
  • How to
  • Checklist
  • Common error and pitfall on security SAP
  • Interview with experts
  • Who we are and Aglea vision on SAP Security

Recent Posts

Post By Topic

See all