Get started Bring yourself up to speed with our introductory content.

SAP security guide

This handy Learning Guide pulls SAP security information from both and its sister site,, to provide the most comprehensive resource around for all aspects of making your SAP system bulletproof.

Need to bulletproof your SAP system? This handy Learning Guide pulls SAP security information from both

and its sister site,, to provide the most comprehensive resource around. Get the scoop on everything from authentication and RFID security to compliance and auditing here!

Also, don't forget to send us an e-mail to let us know what other resource guides you'd like to see on

Best regards,
The editors of and

Introduction to SAP Security

  • Article: Security needs bring redundant systems back in style (
  • Article: Open source tools: A thrifty security manager's best friend (
  • Advice: SAP Security vs. others (
  • Advice: Best security practices for large SAP installations (
  • Advice: Common SAP security practices (
  • Advice: Security concerns when upgrading from v.3.1 to v.4.6x (
  • Tip: Establishing security parameters (
  • Tip: Judicious use of tips (

Identity and Access Management

  • Article: Tackling identity theft (
  • Advice: Secure social security reports (
  • Advice: Internal interface development vs. third-party middleware (
  • Tip: Synchronizing SAP with an external user registry (
  • Tip: It's not what you know; it's who you... are: The identity management challenge (
  • Chapter Download: Identity and Access Management: Provisioning (

 Authentication and Authorization

  • Article: The latest play on passwords (
  • Article: Sun converts Web SSO authentication to open source (
  • Article: Is single sign-on ready for prime time? (
  • Tip: Authentication and access (
  • Tip: Prevent password change (
  • Tip: Passwords -- Updating, selecting and recording user and administrative passwords (
  • Tip: Password policy worst practices (
  • Tip: Parameters for establishing SAP password policies (
  • Tip: How to avoid authentication bypass attacks (
  • Tip: Implementing single sign-on in the J2EE server engine (
  • Tip: SAP authorizations (
  • Advice: SAP authorization and security classes (
  • Advice: Assigning limited password reset-authority (
  • Quiz: Passwords (
  • Quiz: Secure passwords (
  • Quiz: Authentication methods (
  • Featured Topic: SAP passwords revealed (
  • Chapter Download: Hacking For Dummies: Chapter 7 -- Passwords (
  • Presentation: Case study: The USPS gives SSO its stamp of approval (

Data Protection

  • Article: SAP to bolster compliance with reseller partnership (
  • Article: SAP launches Trade Services upgrade (
  • Article: Privacy: How much regulation is too much? (
  • Q&A: CSO interview: Regulatory pain is a two-way street (
  • Tip: Will the 'regulatory police' be knocking on your door? (
  • Tip: SOX 404 compliance: Efficiency is key (
  • Tip: SOX-in-a-box: One size does not fit all when it comes to compliance (
  • Quiz: Respecting the letter of the law (
  • Resource Guide: Compliance management (
  • Resource Guide: HIPAA (


  • Article: SAP advises to take RFID one step at a time (
  • Article: Will new RFID technology help or hinder security? (
  • Article: Low-cost way(s) to 'foil' low-tech RFID tags (
  • Q&A: RFID secrets: SAP customers ready systems for RFID (
  • Advice: Is RFID ready for primetime? (
  • Featured Topic: RFID on the rise? (
  • Resource Guide: SAP RFID (


Platform/Operating System Security

  • Article: Finding the mean between SAP and Microsoft portal extremes (
  • Article: Microsoft IT team touts SAP testing (
  • Article: Despite direct competition, Microsoft, SAP to solve integration ills (
  • Article: Can an Apple a day keep security issues at bay? (
  • Article: Microsoft further tightens security in Windows Server (
  • Article: Linux vs. Windows: Analysts question assumptions about security, TCO (
  • Advice: Using Linux on the mainframe (
  • Advice: Single sign-on for UNIX (
  • Advice: I learned SAP BW on Windows, how does this compare to Unix? (
  • Commentary: MacIntosh vs. Windows: Choosing to take a bite of the Apple (
  • Tip: Uploading transport files from Windows to UNIX on IBM (
  • Tip: Battle of the OSes: Which is most secure? (
  • Tip: Essential Linux skills (
  • Chapter Download: Hacking Windows: MSRPC vulnerabilities (

Vulnerability Management

  • Article: Customers warned of critical SAP flaw (
  • Article: How to survive a data breach (
  • Tip: Eliminating spam with SpamAssassin, DSPAM and ClamAV (
  • Tip: Firewalls: How to choose what's right for you (
  • Advice: Is it possible to scan an SAP e-mail attachment for a virus/worm? (
  • Advice: Errors with uploading patches in 4.7 (
  • Advice: Decompressing HR patches (
  • Advice: Can I supply packages while users are online? (
  • Advice: Applying support packages in the development box (
  • Advice: What is the best way to encrypt messages? (
  • Advice: How do I secure an IDoc? (
  • Advice: Password protected e-mails (

Disaster Recovery

  • Article: Disaster recovery: Are you prepared? (
  • Article: Concerns raised on tape backup methods (
  • Tip: Disaster recover spending -- How much is enough? (
  • Tip: BCP plans key to emergency planning (
  • Tip: Disaster recovery (
  • Tip: Restore a back-up tape and recover usable data (
  • Tip: Disaster recovery/business continuity plans (
  • Webcast: Evaluating & using wireless to enable crisis management (

Consultant's Corner

More Learning Guides

Dig Deeper on SAP security