SAP Cyber Security: Five questions and answers about effectively monitoring SAP systems

SAST Blog: SAP Cyber Security: Five questions and answers about effectively monitoring SAP systemsDo companies need a comprehensive security strategy for their SAP systems? The objective should be the integration into the bigger picture. Due to the lack of structures for overall security, however, security measures on a smaller scale are frequently omitted. It is therefore necessary to optimize internal control systems and – particularly for securing SAP systems – and to establish comprehensive monitoring. Learn more open the interplay of point in time and time frame of the security monitoring.


Our Product Manager presents five questions on cyber-security topics that are often asked by those responsible for SAP:

What are the most common mistakes regarding SAP security?

When securing SAP systems, companies often focus on user management, authorizations and user IDs. In addition to a sound authorization concept, which is doubtlessly important, the security of the systems and infrastructure as well as centralized and standardized reporting are equally essential. This makes it possible to address risks in a targeted manner. For this purpose, a comprehensive cooperation of all those involved is necessary – from the SAP Basis to the user and role management – coordinated by a security officer. Our SAP Security Experts support you precisely in this area, when it comes to developing a comprehensive security strategy for your SAP systems.

Which measures are effective in the implementation of comprehensive security solutions?

For comprehensive security monitoring, it is necessary for the central offices to be knowledgeable regarding all of the circumstances regarding the security of your system landscape. In addition to threat assessments in real time, this also includes regular internal audits for the support of internal control systems.  Checks based on the point in time and time frame should be provided centrally and implemented hand in hand. For this purpose, the SAST SUITE offers the SAST Security Information Center.

What is meant by monitoring based on the point in time?

Monitoring based on the point in time is periodically recurring, automated control for checking the system properties, role conflicts and the like. The scope of the check for this, meaning the subject of the check as well as the checks applied, are predefined along with the point in time of implementation.

What is meant by monitoring based on the time frame?

Monitoring based on time frame is a continuous monitoring of critical activities for unexpected occurrences, including the change of system parameters or calling of unwanted and critical transactions. The scope of the check for monitoring based on time frame is likewise predefined. The checks are carried out continuously, however, rather than solely at fixed points in time.

How does the monitoring based on the point in time work with the monitoring based on time frame?

Regular checks for the analysis of system stability or the authorization structure provide an overview of the conceptual stability of systems. Rounded off by real-time monitoring, changes to the system that have taken place between two or more point-in-time checks can also be detected. Conversely, such deviations can only be detected if sound statements on the security configuration on the system are available beforehand. The SAP security only becomes fully transparent through the interplay of the two areas.

For this reason, we offer the following tip: Take advantage of a tool-supported, comprehensive solution for SAP Threat Detection and Access Governance.

Take the initiative and round out your spot checks with automated real-time monitoring. Stop limiting your view of SAP security analyses to a single point in time and instead identify risks comprehensively, over freely definable periods of time.

In our webinar called “How SAP Cyber Security works effectively – the difference between point in time and time frame,” we’ll show you the possibilities and describe how the SAST SUITE can help you optimize your internal control systems, while at the same time establishing reliable real-time monitoring of your SAP systems. We are happy to provide you with the recording.

Raphael Kelbert (SAST SOLUTIONS)
Raphael Kelbert (Product Manager, SAST SUITE)


Further articles on cyber security:

Why your SAP security and compliance strategy can’t wait for an SAP S/4HANA migration

Full transparency thanks to security dashboard – how DÜRR IT Service GmbH protects its SAP systems in real time