
SAP Identity Theft


Here are some simple suggestions to protect your account from SAP identity theft:

Safeguard your information, both online and offline

Do not reuse passwords. Using strong and unique passwords for each account is the easiest and most effective way to avoid becoming a victim of identity theft. Mix upper and lowercase letters, use symbols, and create sufficiently long passwords for each of your accounts.

Log out when you are finished

Never leave an unlocked terminal unattended. If you do not log yourself out, you may be automatically logged out by the SAP instance after a period of inactivity. Attackers only need seconds to perform an unauthorized action in your name.

Keep your computer protected

Keep your computer and mobile devices protected by virus scanners, anti-malware, etc.

Be constantly vigilant

Report suspicious activity immediately. If you spot anything out of the ordinary – any unauthorized account activity – report it right away. You are less likely to be seriously impacted by identity theft if you discover and report the incident shortly after the security breach.

What is the impact of a stolen identity?

As with stolen credit or ID cards, the attacker may use the authorizations of the stolen identity for fraud, data extraction or manipulation. If the IT Security Department detects anomalies in SAP, all evidence points to the owner of the identity. The attacker stays anonymous. To measure the size and impact of an identity theft case, two questions will need to be answered:

 

  1. How much time did the attacker have to use the stolen identity?
  2. Did the attacker access an SAP account having super rights?

 

These questions can easily be answered when an intrusion detection system is guarding your SAP systems.

How to identify a stolen identity?

The SAP SecurityBridge platform is equipped with an IdentityProtection feature. Once installed, the SAP instance of your choice becomes the verifier for identities. IdentityProtection automatically detects new identities, informs the identity owner and allows reporting of identity theft.

When the rightful account owner reports potential malicious activity, the SecurityBridge intrusion detection system raises a security alert, which can in turn be linked to automated actions.

The verifier, which is a nominated system in your SAP landscape (e.g. SAP GRC, SolMan, …), evaluates all logons and interlinked metadata to decide whether each logon matches an existing and already trusted identity. This entire process happens in real time and seamlessly, without a noticeable impact on system performance.

Whenever an SAP account is used on a terminal (or IP) that was not previously used, the verified account owner receives an instant notification email.

SecurityBridge Identity Protection Process

If the true owner of the identity does not recognize the login activity, a potentially malicious logon can be reported.
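
The flow described above (unknown terminal or IP, notification to the owner, confirm or report) can be sketched as follows. This is an added example, not SecurityBridge code or its API: the `Verifier` class, the `PRIVILEGED` set and the sample logons are constructed for illustration. The report step also yields the two impact figures asked for earlier: how long the identity was exposed and whether the account holds super rights.

```python
from dataclasses import dataclass, field
from datetime import datetime

# Constructed sample logons (user, terminal, ip, time); not taken from a real system.
SAMPLE_LOGONS = [
    ("JDOE", "PC-FIN-01", "10.0.1.15", "2023-05-02T08:01:00"),
    ("JDOE", "LAPTOP-X9", "10.0.7.44", "2023-05-03T22:40:00"),
    ("JDOE", "PC-FIN-01", "10.0.1.15", "2023-05-04T08:03:00"),
    ("JDOE", "LAPTOP-X9", "10.0.7.44", "2023-05-04T09:10:00"),
]
PRIVILEGED = {"JDOE"}  # assumption: accounts that hold "super rights"

@dataclass
class Verifier:
    trusted: dict                                 # user -> {(terminal, ip)} already confirmed
    pending: dict = field(default_factory=dict)   # (user, terminal, ip) -> first seen
    outbox: list = field(default_factory=list)    # notifications that would be emailed

    def observe(self, user, terminal, ip, ts):
        """Classify one logon; notify the owner once per unknown terminal/IP."""
        if (terminal, ip) in self.trusted.get(user, set()):
            return "trusted"
        key = (user, terminal, ip)
        if key in self.pending:
            return "pending"                      # owner was already informed
        self.pending[key] = datetime.fromisoformat(ts)
        self.outbox.append(key)
        return "notified"

    def confirm(self, user, terminal, ip):
        """Owner recognises the logon: the origin joins the trusted identity."""
        self.pending.pop((user, terminal, ip))
        self.trusted.setdefault(user, set()).add((terminal, ip))

    def report(self, user, terminal, ip, reported_at):
        """Owner does not recognise the logon: build the alert with impact data."""
        first_seen = self.pending.pop((user, terminal, ip))
        exposure = datetime.fromisoformat(reported_at) - first_seen
        return {"user": user, "origin": (terminal, ip),
                "exposure_hours": round(exposure.total_seconds() / 3600, 2),
                "privileged": user in PRIVILEGED}

def run_sample():
    v = Verifier(trusted={"JDOE": {("PC-FIN-01", "10.0.1.15")}})
    verdicts = [v.observe(*event) for event in SAMPLE_LOGONS]
    alert = v.report("JDOE", "LAPTOP-X9", "10.0.7.44", "2023-05-04T10:40:00")
    return verdicts, alert, v

if __name__ == "__main__":
    print(run_sample()[:2])
```

The exposure window is measured from the first logon seen from the unknown origin, so a late report on a privileged account shows up directly as a larger impact.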

A practical example of an SAP identity theft

When a user logs on to an SAP account from a new terminal, SecurityBridge identifies the new login and IdentityProtection issues an email to a previously confirmed email address.

TestLab for SampleIP

An active identity confirmation system is a great addition to any SAP system, as it proactively involves the user community in securing their SAP credentials. Also, two-factor authentication mechanisms are possible and recommended. Unfortunately, such solutions are typically tricky to implement.


Posted by

Ivan Mans