You might already know that, as of Release 7.40 Sp8, you can use SAP security policies to define user-specific security parameters, contrary to the system profile values. But did you also know that you can inadvertently weaken secure values such as login restrictions and password complexity as a result?
Our practical tip will show you how to effectively prevent such a weakening.
Analyze the RFC interfaces of your SAP Systems.
SAP interfaces are often not considered when SAP systems are protected. Therefore, they remain unprotected and provide attractive targets for attackers.
Experience from numerous SAP security audits and penetration tests for SAP systems shows repeatedly that, in almost every SAP system checked, unprotected interfaces exist that could allow attackers direct access to your SAP Systems.
