Expand +



Tips on Securing Your SAP System from an SAP Security Expert

by Andrea Haynes, Senior Editor, SAPinsider

March 9, 2018

SAP applications present a very attractive target for cyber attackers, according to Gerlinde Zibulski, Director of SAP Security Product Management at SAP SE. One of the largest software companies across the globe, SAP’s systems touch 74% of the world’s transaction revenue, she notes in her session for the upcoming Cybersecurity for SAP Customers 2018 conference presented by SAPinsider. Cyber threats in the past have come from many directions — such as viruses, worms, and identity theft — but since 2009, these attacks have become more sophisticated and targeted, and therefore more formidable.

But SAP has safeguards in place to thwart such threats. In her session “Safeguard Your Business Operations with SAP Security Solutions,” Zibulski outlines SAP’s strong cyber defense portfolio and architecture, which includes many security, threat intelligence, and GRC solutions. She also presents numerous security recommendations for users in 10 focus areas, including these tips:

  • The authorization profile SAP_ALL should not be assigned to any user unless it is an emergency. You need to define what an emergency is as well as back-up and recovery remedies.
  • Set dedicated ABAP profile parameters for password security, authentication, and encryption
  • Activate the Security Audit Log (SAL)
  • Have different zones on the network and separate high-security areas
  • Use security source code scan tools to identify vulnerabilities in your custom coding

You can learn more about strategies to secure SAP systems at the Cybersecurity for SAP Customers 2018 conference, to be held in Prague from June 27 to 29. Visit for more information.

An email has been sent to:


Please log in to post a comment.

No comments have been submitted on this article. Be the first to comment!