SAP Cybersecurity Security Assessment – Part 2
In my last blog we discussed about cyber security risks revolving around SAP.
When a cybercriminal attack an organization, they won’t re-invent the wheel unless they absolutely have to. They look for common security pitfall.
Some of the security pitfalls I came across in my experience
It might seem hard to believe, but the number one cyber threat to organizations is employees leaving devices unattended OR using easy to guess passwords (123456). Employees are rolling out a red carpet for hackers, putting the company’s network and data at risk, especially storing sensitive information on the local hard drive instead of the server. To check how many potential accounts have been comprised let’s ask Hasso yes you herd it right!!! Hasso Plattner has an institute under his name HPI. HPI does research in lots of different areas, one of them is building statistics around compromised accounts. According to the website 5 billion records have been compromised as of FY2017.
Business need to have an IT security policy that is comprehensive enough to cover all possible sources of attacks, also include clearly documented remediation plan, if an employees account has been compromised list all the DOS and Don’ts. A simple check mark I have read and understood the company’s IT policy statement is not sufficient. Periodic security risk awareness training is your best defense.
Your second line of defense, Security administrators and InfoSec need to look for
- Lookout for users with elevated privileges
- Anomalous user activities
- Turn on all the logging capabilities, that would help with root cause analysis
- Check to see if secure communication channel is turned on
- +999 other checks
All these steps are easier said than done, this is where periodic security assessment and monitoring of your system is VERY critical.