“How do we keep our data secure?” is the question nearly every organization is asking these days. The last spot any organization wants to be in is that of a security breach. Stephane Nappo, an industry known Chief Security officer, is often heard saying “It takes 20 years to build a reputation and a few minutes of cyber-incident to ruin it”. And here he’s just referencing the fall out of a business’s image from a breach and not even touching on the mass harm that can be done with stolen data in the wrong hands. As we all know, security is never taken lightly but unfortunately it’s often misunderstood in the SAP world, it’s next to impossible to keep up with and takes a significant amount of manual hours to look into.
What is security in a SAP environment
When we talk about security in the SAP space, it really could mean different things to different people. From the infrastructure side of things, it means keeping the network secure from outside attacks and keeping the individual operating systems impenetrable from malicious intent. From the database perspective it means keeping the heart of the system locked down and secure. From the application side of things, it could be keeping people out or keeping the people who should be in with the correct level of access. Providing the correct amount of access to the full stack of an SAP environment is a delicate line to walk and luckily SAP takes it extremely seriously.
SAP’s commitment to secure systems
As SAP hears about specific threats to possible gaps in their solutions they immediately weigh the threat and provide a 1-10 HotNews ranking of the criticality with 10 being the most important. When a fix is discovered and ready for implementation, they alert the public of the issue, the criticality level and what the fix is. But here is where the confusion and manual effort kicks in. Most organizations run large and complex SAP environments. These critical ‘HotNews’ patches that SAP organizes, are rarely a ‘one size fits all’ resolution but are dependent on the various patch levels of these complex ecosystems. So as a patch comes out, SAP teams need to quickly understand the issue, the patch, what it impacts and then scurry through their landscapes determining which systems this HotNews patch is relevant for. It’s confusing, time consuming and one simple misstep could mean major issues for the entire business.
Reduce the confusion and time with automation
This is where Avantra’s new Hot News analysis is ready to save organizations time, money and major data breaches. Avantra’s ‘always on’ monitoring is aware of how an organization’s complex SAP systems are architected, what kind of systems they are, what their kernel levels are, what their patch levels are and so much more that all go into determining if these systems are exposed or not based on the Hot News. By tying into SAP’s support backbone, it immediately recognizes when important SAP Hot News is available, automatically cross references that data with the SAP system type information and instantaneously provides the list of systems that the Hot News is relevant for. This gives the SAP support team an understanding if any of their systems are relevant and promptly put the fixes in place.
Let Avantra do the hard work of figuring out what Hot News is applicable. Keep your systems secure and keep your teams happy with less stress about worrying if their systems are patched or not. To hear more about how Avantra can help, reach out to us at www.avantra.com