SAP systems are not preconfigured by default with the most commonly used security practices. As a result, SAP environments become exposed to a range of cybernetic risks from internal and external threats, which seek to manipulate the integrity of SAP environments, their transactional data, logs, and sensitive data. Hackers are knowledgeable about these characteristics of SAP systems - which by default do not bring the most commonly used security practices - and are exploiting these vulnerabilities to achieve their goals by manipulating and obtaining sensitive data.
Below are the top SAP security threats:
- Malicious code in ABAP development (Z / Y);
- SAP Security correction notes not applied;
- Unsafe traffic of open-text data;
- Standard passwords / Simple passwords;
- RFC communication insecure;
- Unsafe Web communication;
- Unsafe user authentication;
- Exposure to sensitive data (GDPR / LGPD).
The SAP platform has embedded tools and mechanisms that can aid in the cyber security strategy. TrustSis offers an exclusive service called PASSA - Pre-Audit Security and SoD Assessment to help your cyber-threatened customers. Get to know !!