SAP Security

Status Quo

A variety of factors contribute to increasing complexity in SAP system environments: The growing number of internal and external users with a wide variety of IT skills and application environments, an increasingly integrated system environment and the resulting rise in the number of interfaces, the connection of cloud services and the use of mobile devices, as well as access to external implementation and support partners.

Scarce resources, a lack of expertise and tight budgets make it difficult to establish sustainable SAP security management.

As a result, transparency in security matters is fragmentary at best.

We help you to (re)create transparency and to cluster, prioritize, plan and implement the accumulated and pent-up issues.

Risk Management

For the targeted and successful mitigation or defense against risks, it is essential to deal with the identification, assessment and localization of risks. Here it is important to name the critical security assets (aka “crown jewels”) with the appropriate granularity and assign them to the classic IT assets (hardware, software). This allows precise and effective measures as well as criticality-driven priorities to be set correctly and the security level to be sustainably improved.

We help you to make the risks in your organization understandable and measurable. To this end, we develop a customized package of measures to protect your business-critical data and systems.

(SAP) Security Baseline

Critical business processes are subject to quality assurance guidelines, e.g. production processes (GMP), to ensure the safety of the goods produced. A “security baseline” describes the security-relevant specifications relating to the architecture and configuration of systems. This is made up of manufacturer specifications, best practice values and customer-specific requirements or regulatory specifications and should be used as a template for the provision of IT systems. Adjustments to this baseline must be regularly compared with the existing system configuration in order to identify deviations and mitigate the resulting risks.

We compare your systems against our baseline for the secure operation of SAP systems and show you potential risks and optimization measures.

Change & Release Management

Security is not a one-shot, but a lifecycle and must be lived as such and integrated into the existing ITSM processes. The topic of configuration and code security in particular requires a structured approach – especially with regard to the patch management of SAP applications and components.
It is important to find a balance between stability-promoting, predictable release cycles and flexible and agile hotfixes and to integrate these with minimal effort. A “never change a running system” attitude is no longer an option today.

We will show you how you can keep your system landscape up to date with minimal effort and thus minimize your attack surface.

Managed Security

Fully securing and monitoring an SAP system landscape is a full-time job that requires extensive and interdisciplinary knowledge at all IT levels. Current threats, zero-day exploits and security notes must be constantly recorded, evaluated and integrated into the system landscape in a structured manner.
These efforts overwhelm most IT organizations and lead to paralyzing effects or aimless activism.

Outsourcing providers also present and price the topic in advertising, but often treat it with neglect, as their focus is on cost-effective and automated operation.

Companies need neutral and highly qualified support in structuring and managing security requirements.

We know that: Investing in the security of your SAP systems pays off!

We check your SAP systems continuously and completely automatically for vulnerabilities, configuration errors and security events and help to preserve evidence in the event of damage. We provide you with a transparent status of your security situation at all times and visualize the effectiveness of measures – whether in in-house operation, in the hosting environment or on hyperscaler infrastructures.