Last year, WannaCry brought some companies to the edge of absolute ruin. While the most common entry vectors are known, companies are still making it much too easy for hackers.
Officially, emails were to blame for the largest-scale cyberattack in recent years. If users clicked on the mail attachment, WannaCry implanted malware into the computers, propagated itself, and encrypted accessible data in the blink of an eye. In an alternative scenario, hackers had infiltrated the manufacturer of a subsystem and built the malware code into a software patch.
While unfamiliar emails can simply be deleted, the deployment of such a patch can undermine the in-house security system with breathtaking speed.
The use of critical transactions is one of the most frequent items to be found on the lists of deficiencies prepared by auditors. And rightly so, since accessing SAP tables and ABAP programs with these kinds of transactions is unfortunately often associated with major security risks.
So how can you protect yourself from critical transaction accesses while ensuring your users have the permissions they need? Find out with our best practice tip.
One of the biggest challenges that any customer faces when migrating or redesigning their SAP authorizations is ensuring the continuity of their normal business operations. As a result, IT units are often wary of curtailing user rights – so as to avoid conflicts with business departments that would result from increased testing workloads or more frequent error messages.
With SAST Safe Go-Live Management, these problems are now a thing of the past.
The topic of IT security is ranked # 1 in market trends *. However, securing complex IT landscapes effectively is a big challenge for many companies: there is often a lack of trained IT staff and even more of the necessary security know-how.
Gunar Funke, Head of Services SAP Security at AKQUINET, describes his experiences and presents possible solutions.
Implementation of authorization projects – effective and tailored for your requirements.
In many cases companies have to redesign their authorization management, after an audit. The requirements of the companies are often differs in terms of quality, duration and the project budget during planning phase of the projects.
No matter what priorities you set for your authorization projects, AKQUINET offers solutions that are tailored to your needs. From now on, you can choose between three defined approaches:
New features for the SAST Suite: the SAST Enhanced SoD and Control Reporting.
Every company that needs to redesign its authorizations after an audit knows the challenges: perplexed in the screening and analysis of all identified risks. Our new features for the SAST Suite enable you to periodically report your risks and mitigations – fast and intuitively.
A good connection: the AKQUINET SAST Suite und der SAP Code Inspector.
You want a tool that tests your ABAP codes for performance, security, syntax, and compliance with naming conventions? Our recommendation: Use the SAP Code Inspector. This tool is part of the SAP standard and is available for you without additional SAP license costs.