      Cyber attacks are one of the biggest challenges facing companies today. SAP systems are also increasingly becoming the focus of external attackers and internal threats. The right approach to dealing with this ever-evolving threat is critical to the survival and success of your business.  

      Comprehensive implementation of SAP security

      The digital transformation offers an opportunity to secure the future. Among other things, digital transformation means strengthening the security of data and processes and actively taking measures before a security incident occurs. The methodology developed by KPMG helps companies to protect their SAP systems against attacks and security vulnerabilities and to strengthen the operational readiness and protection of confidential data, which is of fundamental importance for business processes.

      Based on recognized good practices such as the SAP Secure Operations Map and the SAP Security Baseline Template, we have developed an extended KPMG methodology that helps companies to implement SAP security comprehensively.

      Individual analyses for all SAP system types make it possible to identify potential risks for all on-premises and cloud systems and to derive and implement tailored recommendations for improving security. In addition to these analyses, overarching aspects of cyber security in the overall architecture are also examined with the aim of creating a secure framework for the operation of SAP systems in the long term.

      Study reveals strategies and success stories on how you can ensure greater security in your SAP landscape.

      Your advantages

      • Survey of the current state of security in the entire SAP landscape (on-premises and cloud systems)
      • Identification of procedural, organizational and technical risks
      • Determination of necessary steps to improve cyber security and establishment of a robust framework for the cyber security of SAP systems
      • Support in the selection of suitable tools for the permanent and independent monitoring of the security status of the SAP landscape

       

      For interested companies, we organize a regular "SAP Security Roundtable", where those responsible for SAP security in companies can meet in person under the "Chatham House Rule" and exchange ideas openly. If you are interested, please contact us.

      IT security magazine article: Issue 5, 2024

      S/4HANA transformation as a booster for more SAP security

      Protect your SAP ERP landscape

      Secure your data in a cyber threat environment with KPMG and SAP

      Managed Detection & Response Solution (MDR/S)

      Managed Detection & Response (MDR/S) is a proactive security approach that specialises in the detection, analysis and rapid containment of cyber threats. The concept is based on a "single pane of glass" principle, which enables comprehensive visibility of the entire security situation by correlating a wide variety of data sources, thus minimising the time it takes to neutralise an attack. The methodology includes continuous monitoring and active threat hunting in real time to identify even hidden dangers at an early stage.

      Maturity Assessment

      Preparation and implementation of a customer-specific assessment to determine the maturity level of key processes and standards for SAP security. Based on the maturity level, recommendations and initial priorities for the most important SAP security issues (e.g. hardening, patching, code security and monitoring, and governance aspects) are developed.

      Cloud & System Security Assessment

      The Cloud & System Security Assessment covers security checks for both on-premises SAP systems and SAP cloud solutions such as BTP or SuccessFactors. Automated tests are carried out with critical, standard and extended priorities. These are supplemented by manual checks in the form of interviews, document reviews and, in the case of cloud systems, additional system insights. The aim is to provide a comprehensive assessment of the security situation across all relevant operating models.

      SAP S/4HANA project support 

      Project support in establishing the necessary SAP security settings and processes; support in design and implementation as well as go-live check.

      Guidance on selecting SAP security tools 

      Support in selecting SAP security tools (e.g. for logging and monitoring, SIEM integration, code security scanners, hardening/baselining, patching, dashboard setup).

      SAP Penetration Testing 

      Penetration testing against SAP systems and landscapes from the internal network and, where the systems are accessible from it, from the internet. Attack simulations at the SAP application level, operating system level, database level, network level, and on technical SAP components (e.g. SAProuter, SAP Gateway, SAP Message Server).

      SAP authorisation analysis

      Authorisation analysis using the KPMG AIM tool, consisting of checks on the granting of technical authorisations (e.g. separation of duties, dual control principle) and administrative authorisations (superusers, administrators, emergency processes).
