SAP security a must for SA
Seven reasons why the discovery and resolution of SAP security vulnerabilities are vital.
The safeguarding of companies' SAP systems is more crucial than one may think - and more relevant to SA than ever before.
This is according to Alexander Polyakov, CTO of ERPScan, which specialises in the discovery and resolution of security vulnerabilities across the SAP platform.
Here are some of the pertinent facts about SAP that Polyakov notes should compel companies employing SAP to be extra vigilant:
1. SAP is the most popular business application in the world, with more than 180 000 customers worldwide.
2. 74% of the Forbes 500 companies run SAP.
3. In SA alone, SAP had over 300 clients, as far back as 2004.
4. Almost every single government department runs SAP.
5. SAP is remotely exploitable. While many question this, says Polyakov, the fact is that in reality SAP is not only an internal system - companies have portals, connections with remote offices and enterprise servers that run the system too.
6. Many companies expose critical SAP services to the Internet.
7. Unauthorised access to SAP means companies run the risk of espionage, sabotage and fraud.
ERPScan is engaged in the research of ERP security, particularly in SAP, and develops products for SAP system security. It also renders consulting services for secure configuration, development and implementation of SAP systems, and conducts assessments and penetration testing of custom solutions.