SAP applications drive the most business critical processes in companies around the globe. It will not surprise anyone that cybersecurity is of utmost importance to prevent SAP customers from vulnerabilities.
A joint threat intelligence report from SAP and Onapsis, released on 6 April 2021, warns that cyber attackers are actively exploiting known SAP security vulnerabilities to steal information and compromise mission critical SAP landscapes. The report says that for every 1,500 cyber attacks launched on SAP systems between mid 2020 and March 2021, over 300 were successful.
SAP security monitoring best practices
An integral part of every enterprise’s threat management has to be SAP security monitoring. All security measures, as well as the most important potential threats, should be permanently monitored, so a reliable and robust monitoring solution is at the very heart of every security strategy in all organizations.
Assessing your SAP security landscape
Questions like:
- Are standard passwords configured for system users?
- Are system changes prevented in productive ABAP clients?
- Is the security audit log configured properly?
- Are certificates about to expire?
SAP security & compliance platform
All these questions can be answered by SAP monitoring like that offered with Avantra AIOps platform. They can also provide valuable insights during your next SAP security audit, or help you with vulnerability management or patch management.
How does SAP security work?
Like in many other areas if you deal with SAP landscapes, the aspects of SAP security are split between the application layer and the basis layer, including the infrastructure part. The latter part is covered by solutions like mentioned above, but can also be realized using the SAP Solution Manager.
On the application layer, you will likely need to look into more specific solutions around SAP security interface monitoring or SAP Enterprise Threat Detection (SAP ETD). These solutions focus more around detecting cyber attacks from the inside by users with legitimate system access, or miscreants using existing vulnerabilities to impersonate as legitimate users or they took advantage of the single most common root cause for security incidents - human error. These security monitoring applications can also help you to avoid accidentally disclosing personal data.
How to choose the right SAP security monitoring solution for your organization
What you need to avoid issues is to run the specific SAP security monitoring tools in isolation. Ideally, you integrate SAP interface monitoring solutions and other threat detection tools into an AIOps platform that already provides the basic security monitoring on-premises and in the cloud. With its automation engine, Avantra can even automatically schedule or implement system recommendations based on the results of your SAP security monitoring tools. Read more on SAP Cloud Security.
SAP security monitoring use cases
Finally, don’t forget your system hardening, the first step to improve your security in all areas, where there is no security by default. And if your business operates in regulated environments such as GxP or SOX, there are far more things you need to consider to meet these standards. But system hardening is not only done once. It needs to be verified continuously to avoid the protection being weakened accidentally. Detecting changes from this baseline is another discipline of SAP security monitoring. Another one where an AIOps platform like Avantra will prove valuable.
What is SAP cyber security? - Learn more on our dedicated page.