Managing Vulnerability by Hardening your SAP System

Organisations are under attack. More than ever hackers are looking to find vulnerabilities in networks, emails, servers, firewalls, and user devices to gain access to your organisations most valuable assets: intellectual property, financial information and business operations, just to name a few. With your day-to-day infrastructure at a higher risk than ever before, Acclimation, are your experts in securing your business-critical SAP systems. 

ERP systems are indispensable to most businesses, and it is a common misconception that the built-in security is enough. There are so many moving parts that security researchers are constantly finding vulnerabilities in them. With the Australian government warning that Cyberattacks are a growing threat to companies’ financial information, intellectual property and reputation it is advantageous to assume your business could be the next target, especially since these attacks are increasing in scale, frequency, and impact.  

It happens far too often that we read in the news about Cyber-attacks on organisations Networks, Routers, Email Accounts, Outdated Server Operating Systems and PC/Laptop equipment that can bring an organisation to its knees and held at ransom. What would happen if your mission-critical business application was to do the same? Manufacturing, Supply Chains, Mining, Government Departments and more would be brought to a halt.  

How long could your business sustain an outage of its business-critical applications?  

SAP is Constantly Changing Along With the World Around It. To Give You an Idea:

  • Increased legislation and regulations. An example of this is GDPR.
  • Increased threats from malicious parties, such as foreign governments, APTs, cybercriminals and employees.
  • The move from on-premise to hybrid and then to fully public cloud environments.
  • Auditors looking more critically and extensively at SAP security, where previously only “segregation of duties” (authorisations) was considered. Resulting in more audit findings.
  • Businesses are imposing higher information security requirements on suppliers.

How Can Acclimation Harden Your SAP Environment From Malicious Attacks?

Acclimation has partnered with Protect4S the #1 SAP certified security software bproving organisations with a combination of software and service that provides continuous protection and hardening for your SAP environment. We implement an SAP-certified ABAP Add-On to your SAP Solution Manager and scans more than 1600 checks to help improve your SAP security posture by automating many processes and guiding additional actions via clear dashboards, task lists and reports. 

The solution hardens your SAP systems continuously on all relevant layers of Operating System, Database and Application. The periodic scan is fully automated and does not require additional installation of software on the customer’s systems or additional hardware. Following installation, an analysis takes place and scan results are analysed and reported so customers can choose whether they want to mitigate, remedy or accept the identified risks. All this is registered through the regular service management process, making the service a fully integral part of Acclimation services. 

Acclimation_Mitigate_Scan_Analyse_Diagram-B_FA (1)

Scan

Automated periodic scanning (any desired frequency)

Automated alerts when scans are finished

Analyse

Automated generation of heatmaps and reports

Automated generation of landscape overview

Automated integration with SIEM solution

Automated creation of System Connection Map

Mitigate

Automated generation of mitigation plan

Automated implementation of task allocation

Automated implementation of SAP Security notes

PC screen P4S connection map

Benefits That Our Customers Have Achieved Using Acclimation With Protect4S Software

  • Manual SAP Security processes are automated
  • Complex activities are made easier by information pointers and dashboards
  • Less dependent on expensive projects or consultancy
  • Always up-to-date with SAP Security notes
  • Better insight into risks, mitigation and trends
  • Clear and understandable management reports for desktop and mobile
  • From reactive and ad-hoc to preventive and continuous protection
  • Better prepared for annual audits

Breakdown of Acclimation’s 5 Steps to Protect our Customer’s SAP

Step 1: Establish Goals

What is the acceptable level of risk?

What can be achieved over what period?

Discovery questions that are discussed in advance of a plan.

Step 2: Selection of Systems and Objects

We work together with you to decide which systems are in the scope of this service.

Step 3: Configuration Scans

Acclimation will configure the scan on the scan platform during the consultation with you.

Step 4: Analysis and Advice

The scan results are analysed and discussed in consultation with you.

Based on this analysis, a plan is drawn up with a security improvement actions to be implemented.

1 person from back with 3 screens

Step 5: Operationalize in Accordance With your Policy

The scans are performed periodically as agreed. The results are reported and Acclimation provides you with advice.

This is recorded in the Service Level Report (SLR) in line with service agreement.

Get in touch!

  • This field is for validation purposes and should be left unchanged.