Achieve Security by Design and by Default #SAPTechEd Summary
I joined the second session after I heard Greg Capps discuss it during a community check in.
Data is going everywhere
Who has what data
How to protect endpoints if no patching happens
Zero trust architecture
Secure operations map: link: https://support.sap.com/en/offerings-programs/support-services/security-optimization-services-portfolio.html
Building blocks to learn about SAP security
On premise view
Build a security culture at your organization
One customer mapped their solution to the building blocks for a framework and a road map
Solution Manager has capabilities – security optimization service
For the cloud, a shared security responsibility
RISE to S/4HANA
Your roles/responsibilities vs SAP vs hyperscaler
CIO guide on sap.com
Work with cloud services – identity authentication, and access governance, and integrate with on premise solutions
Tie once employee is onboarded
Automate workflow for identity and access
Integrate with API’s for on premise
Data Custodian in the cloud
Provides key management services
Can be on premise or cloud
Big data solution from SAP, using SAP HANA
Looks at log collectors, correlation against attack detection patterns
Pulls in Security Notes
Mid Point Q&A:
Q: Is SAP Enterprise Threat Detection installed with out-of-the-box settings/monitoring ?
A: Yes, there are patterns available out of the box
Q: SAP Enterprise Threat Detection – is this available be default or to be purchased separately
A: It is a separate licensed product
Q: Do you recommend using System recommendations instead of Security notes in SAP ETD if available?
A: You can use both together or either depending on your requirements
Q: What is the average implementation time for SAP Enterprise Threat Detection?
A: Implementation timeframe depends on the requirements
Q: Can ETD feed off of ARA, with respect to SA Tcodes/Apps?
A: ETD can help track who did what in the SAP system, it highlights what a user actually did in the SAP system
Use Signavio to see who is accessing what – determine what business processes make sense
Use Digital Boardroom to see data in a visual way
this blog might help: https://blogs.sap.com/2020/08/12/sap-cloud-alm-vs-sap-solution-manager/
Session materials are here
The legal disclaimer applies to this session; anything in the future is subject to change.