As the years pass by, companies are increasingly facing the oft-lamented lack of experts. Bright minds thinking about information technology and how to implement it, maintain it and, especially, secure it, are far and few between. And the risks grow in line with the increasingly complex IT environment. Most IT departments are simply in over their heads in the face of this challenge. For this reason, security for systems and storage of critical company data is often pushed to the bottom of the to-do list.
Consider this: Managed services offer quick, and most importantly, secure solutions.
Managed service by AKQUINET – make or buy?
There are many benefits to choosing an external option for handling IT security. Involving a service provider means that your day-to-day business can continue without interruption because your internal IT experts can remain fully focused on your core business. Another advantage is that system and authorization security can be implemented quickly – AKQUINET can do it within just a few days. By contrast to outsourcing, your company retains sovereignty and control over this task. The service provider simply acts as a consultant, providing support for the requested scope as needed or helping with setup within the department.
“Finding qualified experts in the IT sector is like looking for a needle in a haystack. We provide an all-around solution to companies: We secure your IT systems and provide qualified specialists whose main focus is on handling SAP landscape security,” explains Ralf Kempf, CTO “SAST SOLUTIONS” at akquinet AG.
SAST Managed Services: Platform security and identity and user access management
Our platform security offering includes the following:
- SAP system hardening and ongoing health checks
- Continuous monitoring of critical system configurations
- Continuous threat analyses and scans for vulnerabilities
- Prevention of critical transactions and reports, system modifications, and more
- Logging of unwanted downloads from systems
In identity and user access management, we cover the following services:
- Ongoing support in authorization management
- User request and change workflows / Prevention of SoD conflicts
Support in structuring roles and partially automating role management using extensive role templates for any industry (with absolutely no SoD issues)
Securing SAP systems: real-life experiences of today and tomorrow
Due to a lack of internal resources and a sophisticated SAP system landscape, Linde turned to AKQUINET for a managed service solution. In addition to achieving security with the SAST GRC Suite, the main concern of the decision makers was to manage risks quickly and successfully without impacting day-to-day business. (See our Linde Success Story here.)
Currently, AKQUINET is developing a managed service solution for a global players in the financial services sector and aims to handle monitoring, assessment, implementation and hardening of security requirements in SAP operations for Authority and Security. After commissioning the AKQUINET SAST SUITE and its Security Radar, the plan was to assign a qualified partner company to handle operating responsibilities as a managed service. The objective behind this was to outsource the continuous adjustments in line with needs as well as evaluations and optimizations. It becomes necessary, especially in the context of the increasing number of PEN tests in the SAP environment, to remedy any vulnerabilities detected and to monitor compliance with processes and configurations via integrated reporting.
Going forward, AKQUINET will therefore be providing the following managed services:
- Security audit report (cyclical monitoring for system configuration and critical authorizations): The SAP Security Administration has developed a SAST SEC report to monitor sensitive SAP vectors by checking SAP systems daily, weekly and quarterly.
- 360-degree SAP Security real-time monitoring with SAST SSR: As the number of ways to attack SAP systems rises, real-time monitoring of all SAP systems must be established.
The services offered include the following:
- Health check: Monitor the availability of the monitoring systems
- Use tool-based approach to remotely monitor SAP systems
- Evaluate and assess deviations from company policies
- Alarm and report service (daily and monthly reports)
- Evaluate and check content of the alarms/reports and clarifies them with the user implementing them
- Adjust parameter settings – recommendations for hardening or system/application changes (e.g. different parameter settings, users with critical authorizations and source code)
- Update the verification policy based on recommendations of SAP, the German Federal Office for Information Security (BSI) and the German-speaking SAP user group (DSAG).
- Share coordination information and knowledge each month (remotely or locally), also available in a management cockpit dashboard
At a glance: How you’ll benefit from a managed service solution from AKQUINET:
- Unparalleled security All of our security consultants have plenty of experience and our tools are certified by SAP.
- Resource optimization Our experts will start helping to carry the load in no time, and you’ll see the first results within just a few days.
- Real-time monitoring We’ll contact you immediately when we identify a vulnerability or detect an attack.
- Always up to date We use security configurations and threat databases that are updated on an ongoing basis.
- Reduced costs Lower your operating and personnel costs No separate licensing agreements for using the security tools
- No cryptic incident reports We’ll provide you with contextual information and recommendations on what to do.
Gunar Funke, Head of SAP Security Services at AKQUINET