Managing Vulnerability by Hardening your SAP System
Organisations are under attack. More than ever, hackers are looking to find vulnerabilities in networks, emails, servers, firewalls, and user devices to gain access to your organisation's most valuable assets: intellectual property, financial information and business operations, just to name a few. With your day-to-day infrastructure at a higher risk than ever before, Capgemini is your expert in securing your business-critical SAP systems.
ERP systems are indispensable to most businesses, and it is a common misconception that the built-in security is enough. There are so many moving parts that security researchers are constantly finding vulnerabilities in them. With the Australian government warning that cyberattacks are a growing threat to companies’ financial information, intellectual property and reputation, it is advantageous to assume your business could be the next target, especially since these attacks are increasing in scale, frequency, and impact.
It happens far too often that we read in the news about cyber-attacks on organisations' networks, routers, email accounts, outdated server operating systems and PC/laptop equipment that can bring an organisation to its knees and hold it to ransom. What would happen if the same were to happen to your mission-critical business application? Manufacturing, Supply Chains, Mining, Government Departments and more would be brought to a halt.
How long could your business sustain an outage of its business-critical applications?
SAP is Constantly Changing Along With the World Around It
Some of the recent changes are:
- Increased legislation and regulations. An example of this is GDPR.
- Increased threats from malicious parties, such as foreign governments, APTs, cybercriminals and employees.
- The move from on-premise to hybrid and then to fully public cloud environments.
- Auditors are looking more critically and extensively at SAP security, where previously only “segregation of duties” (authorisations) was considered, resulting in more audit findings.
- Businesses are imposing higher information security requirements on suppliers.
How Can Capgemini Harden Your SAP Environment From Malicious Attacks?
Capgemini offers a combination of software and service that provides continuous protection and hardening for your SAP environment. We implement an SAP-certified ABAP Add-On on your SAP Solution Manager that scans against more than 1600 checks to help improve your SAP security posture by automating many processes and guiding additional actions via clear dashboards, task lists and reports.
The solution hardens your SAP systems continuously on all relevant layers of Operating System, Database and Application. The periodic scan is fully automated and does not require additional installation of software on the customer’s systems or additional hardware. Following installation, an analysis takes place and scan results are analysed and reported so customers can choose whether they want to mitigate, remedy or accept the identified risks. All this is registered through the regular service management process, making the service a fully integral part of Capgemini services.
- Automated periodic scanning (any desired frequency)
- Automated alerts when scans are finished
- Automated generation of heatmaps and reports
- Automated generation of landscape overview
- Automated integration with SIEM solution
- Automated creation of System Connection Map
- Automated generation of mitigation plan
- Automated implementation of task allocation
- Automated implementation of SAP Security notes
Benefits That Our Customers Have Achieved Using Capgemini SAP Security Services
- Manual SAP Security processes are automated
- Complex activities are made easier by information pointers and dashboards
- Less dependent on expensive projects or consultancy
- Always up-to-date with SAP Security notes
- Better insight into risks, mitigation and trends
- Clear and understandable management reports for desktop and mobile
- From reactive and ad-hoc to preventive and continuous protection
- Better prepared for annual audits
Breakdown of Capgemini’s 5 Steps to Protect our Customers’ SAP
Step 1: Establish Goals
- What is the acceptable level of risk?
- What can be achieved over what period?
- Discovery questions that are discussed in advance of a plan.
Step 2: Selection of Systems and Objects
- We work together with you to decide which systems are in the scope of this service.
Step 3: Configuration Scans
- Capgemini will configure the scan on the scan platform in consultation with you.
Step 4: Analysis and Advice
- The scan results are analysed and discussed in consultation with you.
- Based on this analysis, a plan is drawn up with security improvement actions to be implemented.
Step 5: Operationalize in Accordance With your Policy
- The scans are performed periodically as agreed. The results are reported and Capgemini provides you with advice.
- This is recorded in the Service Level Report (SLR) in line with the service agreement.