SAP Security made easy. How to keep your SAP systems secure
- LANGUAGE: English DATE: Thursday, November 20, 2014 TIME: 4:00pm CET, 10:00am EST, 7:00am PST
Security in SAP environments is a key requirement of SAP customers. SAP systems are business critical. They must run reliably, they must remain secure – despite a growing number of attacks. There are various levels of security to enforce in SAP environments. It is not only about user management, access controls, or code security. It is about integrated approaches.
Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, looks at the security requirements in SAP environments, particularly the ones that are specific to these environments. He will discuss solutions to mitigate risks, in the context of an overall IT GRC approach.
Following, Alexander Polyakov CTO of ERPscan, will illustrate, based on customer use cases, how an integrated approach for SAP security can be implemented in a lean and efficient way, ensuring quick-wins while still achieving the complex targets that must be met in SAP environments.
ERPScan is one of the most respected and credible Business Application Security provider. Founded in 2010, the company operates globally. Named as an ‘Emerging vendor’ in Security by CRN and distinguished by more than 25 other awards - ERPScan is the leading SAP SE partner in discovering and resolving security vulnerabilities. ERPScan consultants work with SAP SE in Walldorf supporting in improving security of their latest solutions.
ERPScan’s primary mission is to close the gap between technical and business security, and provide solutions to evaluate and secure ERP systems and business-critical applications from both, cyber-attacks as well as internal fraud. Usually our clients are large enterprises, Fortune 2000 companies and managed service providers whose requirements are to actively monitor and manage security of vast SAP landscapes on a global scale.
We use ‘follow the sun’ principle and function in two hubs, located in the Netherlands and the US to operate local offices and partner network spanning 20+ countries around the globe. This enables monitoring cyber threats in real time while providing an agile customer support.
Cloud computing and mobile workforces have resulted in an expanding attack surface and a complex web of identify information. This means that traditional perimeter-based security models are no longer effective. A Zero Trust model of strict access control for every user and device enables businesses to be connected and secure, but an effective identity-focused approach is essential.