On every second Tuesday of each month, SAP releases new Security Notes. Many SAP administrators install these patches relatively quickly – but are they putting too much faith in the security they provide?
Very few customers know that security gaps can still be exploited.
Practical tip: How you can easily prevent your SAP users from being inadvertently locked out.
The parameter “icf/reject_expired_passwords” is intended to prevent SAP users from being able to log in via “http” with an expired password. So far so good…
The use of critical transactions is one of the most frequent items to be found on the lists of deficiencies prepared by auditors. And rightly so, since accessing SAP tables and ABAP programs with these kinds of transactions is unfortunately often associated with major security risks.
So how can you protect yourself from critical transaction accesses while ensuring your users have the permissions they need? Find out with our best practice tip.
One of the biggest challenges that any customer faces when migrating or redesigning their SAP authorizations is ensuring the continuity of their normal business operations. As a result, IT units are often wary of curtailing user rights – so as to avoid conflicts with business departments that would result from increased testing workloads or more frequent error messages.
With SAST Safe Go-Live Management, these problems are now a thing of the past.
GRC tools, IT vulnerability analysis, authorization management, SIEM management – these are four of the top five topics cited by IT decision-makers when asked which current and future technologies are of vital importance to them. *
This means that the new release of GRC Suite from AKQUINET – couldn’t have arrived at a better time to offer answers on some of the subjects that are on the minds of these managers right now. In this interview, Lars Henning (product manager for the SAST Suite) presents the highlights of the latest version, along with some helpful tips.
Implementation of authorization projects – effective and tailored for your requirements.
In many cases companies have to redesign their authorization management, after an audit. The requirements of the companies are often differs in terms of quality, duration and the project budget during planning phase of the projects.
No matter what priorities you set for your authorization projects, AKQUINET offers solutions that are tailored to your needs. From now on, you can choose between three defined approaches:
Checklist to secure your SAP systems.
Do you know at any time who accesses the sensitive data of your SAP archive servers? In our penetration tests we experiencing it again and again: attacks on SAP archive systems are mostly successful, not recognized and therefore not logged and reported.
Minol stored millions of sensitive information of private and business customers in its complex SAP system landscape. Therefore it was important for Minol to prevent unrequested downloads and to protect the data from possible data theft.
New features for the SAST Suite: the SAST Enhanced SoD and Control Reporting.
Every company that needs to redesign its authorizations after an audit knows the challenges: perplexed in the screening and analysis of all identified risks. Our new features for the SAST Suite enable you to periodically report your risks and mitigations – fast and intuitively.