SAP Security

Security for your data and processes in SAP

Contact us

Your SAP landscape is often vital to your business processes and contains critical data.

Processes that must not stand still and data that must not be seen by prying eyes or lost. There are more and more serious attacks on companies that find their way into their SAP systems. It often costs a lot of resources, time and money to get back to a more or less normal situation, as well as loss of prestige and possible litigation.

SAP systems are often connected to many other systems inside and outside the company. And data flows to and from SAP around the clock. Inaccessibility of your SAP system can be a big problem in itself, but if data is compromised and leaked or perhaps encrypted and taken hostage, it’s not just a matter of removing a vulnerability and bringing the systems back so that processes can continue. Then a real restoration of all or part of the IT landscape may be on the table.

SAP Security as a Service

Reduce SAP security costs and system risks

SAP Security Assessment

Eliminate security risks before they become critical

How it works

Making it hard for hackers

Close known vulnerabilities and don't give access to more than necessary.

  • Are your systems updated with security notes that close known SAP holes?
  • Do you encrypt your data, both when it is stored and when it is sent around the network?
  • Users, roles and authorizations must be maintained and adjusted, "least possible privilege".
  • Do you isolate your systems and use both firewalls and whitelists?
  • There only needs to be one vulnerability that can provide enough access - they'll find it.
  • A backup is worthless if the hacker can delete it or encrypt it.

3

Understanding and overview

Do you have all the necessary files and data to restore the systems and do you know what the consequences are if a system is unavailable?

  • Do you know your integrations and how data flows inside and outside your IT landscape?
  • Clean up data, including users. Both inside the systems, but also what may have been sent to other systems.
  • Do you know your backup strategy, your RPO and RTO and your recovery priorities?
  • The technical dependencies around your processes and how a temporary solution can be used if a system is unavailable.
  • Custom code is not exempt from vulnerabilities, old unused code is an overlooked risk.

3

Security is an ongoing process

It should be natural and possible to follow your security policies

  • Clear guidelines and best practices
  • Audit and control can't close a vulnerability
  • Every new integration or technology deployed is potentially a new attack vector and introduces new vulnerabilities.
  • Do you have old technologies that are no longer used? Are your firewalls and whitelists up to date with what is actually used?

3

Want us to help you with security?

SAPBASIS is your partner throughout the journey, whether you need sparring, executive consultants or close collaboration with your team, we adapt our support to your needs.