Protecting business-critical data is becoming increasingly complex—and by extension, increasingly relevant for today's organizations. One critical element of this evolution is their increasing reliance on, and hyperconnectivity across foundational technologies such as data centers, cloud platforms, SaaS applications, and broadly adopted software vendors like Microsoft and SAP.
SAP is among the world's largest software companies. Some 92% of the Forbes Global 2000 use at least some of their enterprise application solutions, and most of those companies deploy SAP S/4HANA in their cloud, whether public or private. And By 2027, even more, SAP customers will need to migrate to SAP S/4HANA as they have announced the end-of-life of older versions of their integrated application solutions (the SAP Business Suite). In addition, with SAP FIORI being used as the new user interface, SAP Systems are also increasingly exposed to the internet to provide services to customers and employees.
While changes like these are designed to support today's increasingly hybrid networks and workforces, they also shift the threat landscape and potential attack vectors. And Far too many organizations are learning the hard way that the legacy security systems they have deployed in their traditional data centers don't easily translate to cloud and remote network environments. So, as broadly implemented SAP Systems are increasingly deployed in the cloud and accessed through the internet, organizations need to ensure they have deployed an equally secure infrastructure in the cloud that also provides the flexibility that today's meshed architectures require as they expand to include branch locations, home offices, and mobile users.
This isn't just theoretical. SAP released a joint threat report with Onapsis in April 2021 that looked at active cyberattacks on mission-critical SAP applications. This report provides a great view into the threat landscape of SAP. And their concerns were well-founded. Within 72 hours of releasing a subsequent security update, SAP identified exploits actively targeting publicly exposed SAP Systems. And As any cybersecurity professional can tell you, it is not always possible to install necessary software updates within this time period, especially given the complexity and criticality of SAP Systems.
In addition, ransomware and insider threats have already begun expanding the number of threats targeting SAP Systems. Based on the trends we have seen, an attack against SAP Systems could possibly look like the following:
Addressing challenges like these that arise when SAP S/4HANA can be deployed either on a public or private cloud requires a security solution that can support both infrastructures to protect the SAP endpoint.
One of the most effective strategies for protecting SAP Systems running over hybrid clouds and mobile users involves obfuscating the underlying network, so attackers have no clear idea about what to target or how to proceed without triggering an alarm. Advanced deception technologies, like FortiDeceptor, add layers of enticing traffic and pseudo devices to the network, filling it with landmines and tripwires, so any unauthorized movement automatically triggers an overwhelming response.
FortiDeceptor has the bonus of using a single pane of glass interface to provide a unified view across the expanded and expanding network. This allows administrators to manage and orchestrate configurations and aggregate collected threat intelligence. It also automatically initiates a unified response to shut down intruders and malware before they can achieve their objectives, protecting their users, connected devices, and investments in critical SAP Systems.
With this sort of deployment, an attacker will either be detected during the network reconnaissance phase by the SAP decoys or at the endpoint penetration level by the SAP lure.
Securing SAP S/4HANA is just as critical as ensuring the availability of the SAP System and its data. FortiDeceptor provides a wide range of technical controls to help reduce the risk of deploying this business-critical asset to remote end-users and across hybrid cloud environments.
To learn more about FortiDeceptor, visit FortiDeceptor: Deception-based Breach Protection Overview.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.