Although IT security has been on the radar for quite some time, data breaches and other security-related concerns continue to plague companies. Even Oracle's lawsuit against SAP for "corporate theft" reflects the growing importance of IT security. It shouldn't be surprising, then, that demand for security professionals and security certification pay have been on the rise, according to David Foote of Foote Research LLC. This SearchSAP.com Special Report looks at the latest SAP-related security news and analysis and provides hands-on, technical advice for SAP users.
|SAP Security news and analysis|
- For SAP professionals, security certification can pay: Security certifications continue to increase in value despite the fact that rewards for many technology certifications have fallen in the past six months.
- SAP applications could be hacked, expert warns: The chief technology officer at Virtual Forge explains the top five SAP application security threats and the countermeasures to employ to avoid being hacked.
- Mobile policies: Secure your corporate data with acceptable-use policies: We've recently seen many high-profile incidents regarding potentially compromised data on stolen notebooks. In this guest column, Craig Mathias explains why IT managers need to take a hard look at their security policies.
- Patch and protect: What to do if a security flaw is reported: Your product has shipped, and now someone has reported a vulnerability. What do you do? David Coffey, principal security architect at McAfee Inc., explains the steps you should take.
- IT perplexed by password-protection challenges: Despite using a plethora of preventive measures, IT managers can't seem to stop users recording their passwords on Post-it notes or in their PDAs.
- Oracle sues SAP for 'stealing software': Oracle filed a lawsuit against SAP, charging the German software giant with "corporate theft on a grand scale."
|SAP security-related podcasts|
- Podcast: SOA and Web services security for SAP and Oracle: SAP and Oracle have been touting the benefits of service-oriented architecture (SOA), but SOA comes with some unique security risks.
- Podcast: Governance, risk and compliance trends from Sapphire 2007: In this podcast from Sapphire 2007, SearchSAP.com looks at the latest in governance, risk and compliance (GRC) from SAP.
- Data management podcast briefing: Trends in data governance, with Gwen Thomas: Data governance helps companies comply with regulatory requirements and avoid costly data breaches -- but it's easier said than done. Learn data governance trends and techniques.
- SAP jobs present and future podcast, with David Foote: The SAP jobs market is hot, with some SAP skills paying more than the general market. This podcast with David Foote looks at the present and future of the SAP jobs market.
|SAP security chapter downloads|
- 'Common Models for Architecting an Enterprise Security Capability': This chapter from 'Information Security Management Handbook, Sixth Edition' covers important questions for those tasked with securing information assets, including the appropriate deployment of valuable resources and dealing with legal compliance.
- 'Creating a Secure Architecture': This chapter from 'Information Security Management Handbook, Sixth Edition' looks at factors involved in creating a secure network.
- 'Developing a Higher Security Mind': This chapter from security expert Kevin Day's book 'Inside the Security Mind: Making the Tough Decisions' teaches you how to approach information security the way the top gurus do -- as an art, rather than as a collection of technologies.
- 'User management and security in SAP environments': This chapter from 'SAP R/3 Handbook, Third Edition' examines why leveraging security technology and a sound security policy are mandatory for successful SAP projects.
- Security Metrics: 'Visualization': This chapter from 'Security Metrics: Replacing Fear, Uncertainty, and Doubt' looks at how to bridge management's quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals.
|SAP security tips and expert advice|
- An automatic business partner relationship: The user who creates a business partner (BP) also needs a BP relationship. Is there a way to automatically define the user with a BP relationship and restrict authorization based on the relationship?
- Security forecast based on SAP GRC: With the advent of SAP GRC (Governance, Risk and Compliance), jobs could be threatened by automated processes. Our expert predicts security jobs will flourish.
- Hiding compensation data in SAP BW: One method to encrypt data in SAP BW to protect it from prying eyes.
- User roles in SAP security: Having too many roles in SAP security can indicate that something is wrong with your security infrastructure.
- Restricting transaction access based on user profile: Researching what users need to do in their job duties may be the best way to set appropriate security permissions.
- Using Oracle passwords with SAP: Using Oracle passwords to connect to SAP is not efficient. One expert explains proper password etiquette.
- Configuring SAP by way of the Internet: This tip provides a definition of SGA, resources for enabling SAP office via the Internet and creating rollback segments.
- Industry standards for SAP authentication: A rundown of the industry standards for SAP authentications.
This was first published in August 2007