The fear and anxiety driven by the wave of cyber attacks in recent years has led many companies to bolster their security programs. It’s also led to a stream of software solutions from third-party developers offering to solve customers’ cyber security challenges. You may have heard the sales spin, watched the demos, and even considered the proposals. But before you launch the purchase order, ask yourself: Is there an alternative?
What if the tools you need to secure your SAP systems were available to you at this very moment?
The Cyber Security Toolkit in SAP Solution Manager
SAP has equipped customers with a variety of tools to protect against even the most advanced forms of cyber threats. The tools are available in SAP Solution Manager and are displayed in Figure 1. They include:
- Configuration validation: Implement automated vulnerability checks across your entire landscape
- System recommendations: Detect security-relevant patch day and support package notes
- Change analysis: Analyze the root cause of changes in your managed systems
- End-to-end (E2E) alerting: Investigate email and SMS alerts for critical security events
- Security dashboards: Monitor the health of your systems in near real time
Other than following standard SAP Solution Manager setup procedures, including those related to technical monitoring, there are no prerequisites for using any of these tools. What’s more, since you’re leveraging standard SAP components, there’s no need to license third-party software. You can redeploy the dollars earmarked for security tools to more urgent needs, such as hiring more resources for security teams.
In addition, SAP Solution Manager provides the scalability to grow from 20 systems to 200 without worrying about sizing or licensing issues. You also have the ability to build custom security checks using fully transparent rules, enabling you to tune rules for each system, environment, or any other variable.
SAP Solution Manager includes several standard tools to secure systems from cyber risks.
SAP Solution Manager also allows you to secure access to security-related information using the SAP authorization concept. This removes the concern about the proliferation of sensitive data to systems outside the SAP landscape. Finally, you benefit from the availability of detailed drill-down reports from SAP Business Warehouse, support and maintenance directly from SAP, and the reassurance of knowing you’re following an approach recommended by SAP.1
Layer Seven Security enables organizations to unlock the value of SAP Solution Manager and realize the potential of SAP systems. We leverage the diagnostics infrastructure in SAP Solution Manager to build comprehensive and cost-effective vulnerability management programs. Learn more at www.layersevensecurity.com/solutions or email me at firstname.lastname@example.org.
1 For more on using SAP Solution Manager for security purposes, see page 19 of SAP’s “Secure Configuration of SAP NetWeaver Application Server Using ABAP” (January 2012; http://bit.ly/1GT2zKu) and page 33 of “Securing Remote Function Calls” (December 2014; http://bit.ly/1K0WXih). [back]