We are very pleased to be able to support the Swedish foundation TRR with our software solutions in the future! The company is planning to migrate their classic SAP ERP systems to SAP S/4HANA within a time frame of 6-12 months. Our SAST SUITE can be used for both the old and the new SAP landscapes.
Companies that use SAP software, as well as the German-speaking SAP User Group (DSAG), are demanding security dashboards to provide for greater transparency and indicate necessary activities. The most critical risks, however, are those that arise as a combination of other events, which are not critical in and of themselves. After all, even the best dashboards aren’t able to display this kind of unidentified security incident.
The lack of SAP security management dashboards is discussed often by the Security & Vulnerability Working Group at DSAG, the German-speaking SAP User Group. The Working Group sees such tools an essential prerequisite for developing and monitoring the improved security concepts that are urgently needed. Yet a majority of companies has yet to implement the dashboard technology although now would be a particularly good time to implement this efficient tool for mitigating attacks in light of the increasing threat level posed by malware and ransomware.
Incorrect parameter settings in the SAP system, operating system, or database often result in serious security deficiencies. Numerous companies using a central auditing policy developed as a document are up against the same challenges. Typically, parameter values are compared manually with the target requirements, which of course is time consuming. This a lot of effort even just for one single system. As you might imagine, making the comparisons on system-landscape level is that much more complicated. By centralizing monitoring with an automated solution, you can use resources more efficiently while boosting your IT security.
In September 2020, the attack made headlines:
- Hackers responsible for IT disruption at Düsseldorf University Hospital.
- Hackers under investigation: Woman dead after attack on University Hospital.
- Hacker attack on Düsseldorf University Hospital: Investigation into involuntary homicide opened.
A hacker attack can be fatal. Data, goods and assets aren’t the only things to consider: Human lives are at stake where public spaces, in particular public health, is concerned.
The transition of the business world to SAP S/4HANA is picking up speed: that’s why every company should start preparing an end-to-end migration strategy for the new SAP system. It is essential that this strategy consider security aspects, as well, to avoid ending up sitting on millions in subsequent costs. The solution is Threat Intelligence.
In most cases, enterprise networks are infected as a result of human error. Employees click on spoofed links, accidentally reveal their passwords to third parties, or open a file that contains unexpected malware. In attack vectors involving the SAP GUI, employees are often not to blame, because an incorrectly configured SAP system is enough to enable damage to the IT landscape.
On January 23, 2020, news broke on one of the biggest data leaks to date in Germany. Apparently, it was possible for anyone on the Internet to gain full access to the backup of the entire database of car rental company Buchbinder. The ramifications are difficult grasp.
Berliner Wasserbetriebe, Berlin’s water supply and wastewater disposal company, is a public institution and is therefore subject to special legal requirements. High security standards apply to both business processes and its IT operations. As a consequence, setting up transparent SAP authorization management company-wide to meet all of these requirements was one of the water company’s most critical tasks.
The Internet of Things (IoT) is both a blessing and a curse: While it offers tremendous potential benefits, it also fosters uncertainty when it comes to protecting these complex connections against unauthorized access. After all, as more things get connected to the Internet, the risk of hacker attacks also increases.