Turnkey Consulting and Onapsis have released the 2021 edition of their SAP Security Survey Report, providing in-depth insights into the current state of the industry. Tom Venables, a leader at Turnkey Consulting, walks through some of the report’s key findings and lessons.
Many SAP security administrators know how to secure access to applications and understand the need for secure communications, encrypted storage and the like, but are not necessarily experts in SAP programming or administration. This is borne out by good responses on the auditing of users, authorisations and configuration, when compared to code scanning or patch management, for example.
The requirement of diverse skillsets being brought together to understand the threats posed by code configuration, insufficient patching, or system configuration which leaves vulnerabilities open to be exploited is one of the greatest obstacles organisations must overcome in dealing with the wider risks to SAP.
Operators need to be something of an expert in both the business operations, to secure those effectively, and the technical components that support those operations. This is a broad set of skills, which requires…
