12/10/2018, 15:30

SAP Gateway security with Two Factor Authentication

Enterprises which are across the globe, quite often need a security which is robust for protecting their assets and so does SAP! SAP is known as the 4th largest software company in the world which demands a very superior level of security for safeguarding its systems, applications as well as ...

Enterprises which are across the globe, quite often need a security which is robust for protecting their assets and so does SAP! SAP is known as the 4th largest software company in the world which demands a very superior level of security for safeguarding its systems, applications as well as products in data processing.

Quite a few number of security assessments have been conducted in this matter and the top 5 Two Factor Authentication solutions have been listed in detail here. However why does SAP require such a high security? The reason is quite simple that SAP has a landscape which encompasses a gigantic range of data, and all of which requires appropriate level of protection.

1. Security of the SAP Gateway is Critical

One of the biggest security threats to SAP gateways is running an operating system command without the need for proper authentication. Ideally a company should confine all types of access to the internal as well as external control system of the SAP getaway to avoid an unknown source which does not cause havoc. Incase, there are business cases which exist and the need arises for utilizing the RFC communications due to applications such as BEx (business explorer), in that case a proper security application should be applied on the SAP gateway for confining the Type E and Type R connections.

2. A good SAP landscape does not have any weak passwords

A single weak or a faulty password amongst many users of SAP can often cause trouble for the entire system and this is primary reason why User Security for SAP systems should have a proper policy for password. Post ensuring that these policies exist, regular password audits should be conducted to single out weak passwords such as "SAMUEL123", "HALLOWEEN01", and so on and so forth.

3. There should be no critical ICM/ITS services

RFC communications are not advisable for your SAP security and this is the actual reason why access to web services like SOAPRFC and WEBRFC should ideally be restricted. For restricting this, the invoker servlet on SAP Java AS system needs to be disabled. Once this system has been disabled, the hackers cannot simply bypass the security system.

4. Patching SAP system and GUI regularly helps

Every month SAP AG releases security patches. For proper patch management policies should be created for both the SAP applications as well as the client components such as SAPGUI or SAP Netweaver business client.

5. Security against single sign-on attacks

The place where the sensitive information is saved is the PSE file and the attackers utilize these for creating valid system tokens. When the attackers create the tokens, they can easily access the system without the need for any password. Therefore, the PSE files should ideally be protected with proper operating system controls.

Bài liên quan

SAP Gateway security with Two Factor Authentication

Enterprises which are across the globe, quite often need a security which is robust for protecting their assets and so does SAP! SAP is known as the 4th largest software company in the world which demands a very superior level of security for safeguarding its systems, applications as well as ...

Hoàng Hải Đăng viết 3 ngày trước

[Spring boot + Spring Security] Security with Basic Authentication

1. Prepare Tools IDE: Netbean 8.2 JDK: 1.8 Maven: 3.5.0 2. Target Build project thỏa mãn các yêu cầu sau: Sử dụng spring boot + spring security Sử dụng basic authentication để bảo mật tài nguyên qua http Sử dụng annotation configuration thay cho xml configuration. ...

Tạ Quốc Bảo viết 3 tuần trước

[Spring boot + Spring Security] Security with Digest Authentication

1. Prepare Tools IDE: Netbean 8.2 JDK: 1.8 Maven: 3.5.0 2. Target Build project thỏa mãn các yêu cầu sau: Sử dụng spring boot + spring security Sử dụng digest authentication để bảo mật tài nguyên qua http Sử dụng annotation configuration thay cho xml configuration. ...

Bùi Văn Nam viết 3 tuần trước

[Spring boot + Spring Security] Authentication with Custom Filter

1. Prepare Tools IDE: Netbean 8.2 JDK: 1.8 Maven: 3.5.0 2. Target Build project thỏa mãn các yêu cầu sau: Sử dụng spring boot + spring security xây dựng login page, home page. Build 1 CustomFilter, chỉ xử lý các request đến từ địa chỉ 127.0.0.1 Sử dụng ...

Hoàng Hải Đăng viết 4 tuần trước

[Spring boot + Spring Security] Authentication with Custom AuthenticationProvider

1. Prepare Tools IDE: Netbean 8.2 JDK: 1.8 Maven: 3.5.0 2. Target Build project thỏa mãn các yêu cầu sau: Sử dụng spring boot + spring security xây dựng login page, home page. Build 1 tầng authentication provider dùng để xác thực người dùng Sử dụng annotation ...

Trịnh Tiến Mạnh viết 4 tuần trước
0