SAP Security is a complex set of different areas with different responsibilities. There are several ways to separate it into discrete parts to work with.
SAP Security can be divided into application and business layers or platform and customization level.
On the other hand, it can be grouped by approach such as detection and response or organizational and technical.
SAP Security can also be split into distinct areas by platform type (ABAP, JAVA, and so on).
In fact, SAP Security divides cleanly by responsibility into Segregation of Duties, Custom Code Security, and Application platform security.
Each one is commonly the responsibility of a different department.
The first area is Segregation of Duties and access control. It consists of protecting the system against users who have insufficient privileges or a combination of those privileges.
The second area is Code security. As you may be aware, programs written in the ABAP language (SAP’s proprietary language for developing extensions to SAP products) can have vulnerabilities and, more importantly, can be used as backdoors.
The third and main area is Application platform security. It covers all kinds of vulnerabilities, misconfigurations, encryption, logging, unnecessary enabled functionality, and other technical issues. Simply put, here we deal with all issues that can lead to unauthorized administrative access to the SAP system, and in most cases an attacker doesn’t need any SAP account to conduct an attack.
Here is the list of the most critical areas that should be covered during any SAP Security Audit:
• Infrastructure security (Network, OS, Database)
• SAP Vulnerability check (blackbox, whitebox, greybox)
• Configuration analysis (authorization, encryption, logging)
• Access control checks (by module, by application, by industry)
• Password complexity checks (for different types of stored passwords)
• Connections security (RFC, Trusted connections, PI interfaces)
• Compliance (SAP, EAS-SEC, ISACA, DSAG, PCI, SOX…)