SAP Security

Base IT Secures 100% of SAP

Security monitoring, threat detection and prevention for your SAP systems

SAP Security from Base IT

SAP security is a combination of 3 different areas: Vulnerability Management, Source Code Security and Segregation of Duties. Unique expertise is required to manage all of these areas together. Most solutions focused on SAP cover only a narrow set of issues. Base IT secures 100% of your SAP systems.

Assess

When we engage with our clients, we assess SAP systems against all known and documented vulnerabilities. Known and documented vulnerabilities currently number in excess of 7500. Spread across Basis administration and configuration, Segregation of duties, and code (Java and ABAP).

Report

We report to our clients all discovered vulnerabilities by priority so that critical issues are addressed first. All reported vulnerabilities include descriptions and remediation advice. Allowing remedies to be applied quickly and efficiently.

Monitor

Once addressed and controlled, BaseIT monitors SAP systems in real time to ensure new vulnerabilities are reported and managed quickly, and that attacks on systems can be identified along with the approach and success of an attack.

Schedule a free consultation with Base IT

A fully secured SAP system not only ensures security. TCO is decreased due to the automations and processes delivered by Base IT.
100% SAP Security Coverage

Benefits

TCO is Reduced with SAP Total Protection

A fully secured SAP system decreases TCO (Total Cost of Ownership) due to efficiency gains when managing system security with Base IT.

 

Established Security Processes

During the entire lifecycle of SAP, from development to deployment (regardless of where the system is hosted) – truly best practice  security processes can be established and maintained, so that once in production, the system is fully protected and straightforward to maintain.  

Automated Security Monitoring

As changes occur to the SAP environment, security monitoring ensures new threats are quickly identified and managed, and automation of processes continues to reduce costs, and maximise the resources available to you, to remain secure in a timely and managed way. 

Benefits in Detail

  • Prevent cyber criminals by continuous monitoring of key security areas and automatic vulnerability assessment
  • Prevent insiders by using our SoD module to analyze all critical privileges and their segregation
  • Prevent development errors by code review of custom transactions and reports
  • Manage SAP security regardless of where the system is hosted
  • SAP security management can be delivered as a managed service, serviced yourself, or integrated into your SIEM or ITIL solution
  • Scans generally take less than two hours and have little to nil system impact
  • Scalability: you can monitor or scan huge systems from various locations, consolidate information and react to threats by priority
  • Management can be from any web browser without installing anything on SAP
  • Compliance reporting and management using automated and integrated modules including key recommendations from SAP, ISACA, DSAG,OWASP-EAS
  • Compliance frameworks included PCI DSS, HIPAA, ISO27001 and most others
  • Save on security education by using integrated built-in knowledge base of SAP security with detailed descriptions and remediation steps
  • Monitoring dashboards that help you to effectively manage the dynamics between different security information, issue by issue or overall
  • Multi-user access to the system on the basis of role models

Get in Touch

Why Secure SAP?

The world’s largest organisations and Governments use SAP to manage their processes and operations. These organisations have invested millions in SAP systems, and re-engineered themselves to ensure they operate to best practices and toward the greatest strategic benefit. Their SAP system is vital to them.

SAP systems and other business-critical applications store the most critical corporate data, which are constantly threatened by espionage, sabotage, and fraud. 

These applications are often vulnerable to many attacks because of their extreme complexity and customization, and the difficulty associated with security maintenance. There are many general security solutions, from security scanners to SIEM, but few are specific to the unique security challenge of an SAP system.

Are SAP Systems Exposed to Cyber Threat?

The security of ERP systems has become a very hot topic, especially after the USIS and other data breaches that came about because of SAP vulnerabilities. 

Analysts from different firms such as Gartner, IDC, KuppingerCole and Qoucirca agreed on significant importance of ERP security tests and lack of this functionality in traditional tools.

“In-depth assessments of databases and applications such as ERP systems (for example SAP or

Oracle), specially, are not widely supported in traditional VA solutions, which focus on devices.”

– Gartner’s Market Guide for Vulnerability Assessment 2014.

The 3 Disciplines of SAP Security

SAP Security is a combination of 3 different disciplines (Vulnerability Management, Source Code Security and Segregation of Duties). 

Unique knowledge for each discipline is required. Manual in-depth assessment of an SAP landscape is time-consuming with over 7500+ documented vulnerabilities and configurations existing. 

Then there are issues related to user access, user permissions, and controls. To ignore one vulnerability could create massive damage, loss of business and negative press. To ignore one of these three SAP security disciplines would leave your SAP system dangerously vulnerable. 

Most traditional approaches to SAP security address basis and config quite well albeit using complex inefficient tools and processes. Most also address User Management and Segregation of Duties quite well also but again they take much longer than they should and are expensive at best. Most current systems have never had core code checked, or at best only possibly have checked code occasionally. Given the level of change and development of a production SAP system, that isn’t nearly often enough.