SAP Cyber Security
The topics connected to data security are becoming always more important as time goes on. Today, in fact, it's not possible anymore to think about IT security management as a single topic to manage.
It becomes essential to think about this topic as a whole. Also because an exposed attack surface can be used to tackle vulnerabilities and therefore get to more protected systems. All of this must be considered in the various on-premise or cloud contexts, from applicative to technological levels.
Over time SAP has taken a Security By Design and Security By Default path; on the other hand, there are still many aspects that have to be configured and therefore the "but SAP is a secure system by definition" isn't so real (at least right now).
That's why checking that everything is configured in a correct way and verify that there aren't vulnerabilities becomes non only suggested but necessary and with ever greater frequency.
In the past audits or periodical vulnerability assessments could've been sufficient. Today it's necessary to have a constant control if possible. This isn't always achievable by everyone but nowadays there are tools that let ITs or limited security teams (in terms of resources) to have very advanced control instruments.
Cyber Security/IT Security
This term identifies all the actions taken for the protection of IT systems. Meaning with the intent of guaranteeing the availability, the confidentiality and integrity of the systems (CIA principle: Confidentiality, integrity and availability).
It's a commonly used term nowadays and often inflated by cyber security companies.
Which are the macro-areas of intervention?
- Communication security (activating cryptography)
- Meaning the activation of cryptography in SAP communication channels, therefore SNC (Secure Network Communication) or HTTPS.
- Security of archived data (data cryptography)
- Application Security (SAP Security)
- Definition of a security model or SAP authorization concept
- Identity management
- Activation of a system for the management of identities, for example Identity Management
- System hardening (infrastructural/operating systems/database)
- Correlazione e log degli eventi security, ad esempio, tramite SIEM (security information and event management)
- Management of security incidents
- To all the staff as security awareness and professional training to SAP Security specialists. Today this represents the main security problem. After protecting the physical and logical security.
Which are the main tools/configurations to activate?
In some cases there are simply functionalities to activate in SAP, which are already present in the system. In other cases it's necessary to activate solutions (often included in the SAP suite). In others it's needed to buy specific softwares.
Therefore there are different scenarios that can be used depending on the context and on the attack surface that you want to preside over.
How can Aglea help you in the management of Cyber Security in SAP?
People that take care of IT security as their job know that often in a company there aren't sufficient resources to tackle all the thematics that should be managed.
In SAP's case, it's seen as an "internal" product in the company. Therefore it's not directly exposed. Or like a "black box" that "people who know SAP" know about and that must not be touched or else the business processes stop.
This is partially true. But on the other hand, by taking on the argument step by step, you can discover that there is a path and if followed correctly you can obtain important results.
This is exactly what we do, trying to bring two very different worlds closer to each other, the IT security world and the SAP world. Doing this with a precise and guided path, also for who doens't know about SAP, but knows the aspects of IT security.Contact us if you want to knwo more or discuss the above thematics!