SAP News, tips and tricks Security workload
Don't underestimate the workload of SAP systems security management.
Every month SAP list the last security notes sorted by criticity on the "SAP Product Security Response Space".
To keep your systems security up-to-date, you have to do through all the note and implement the recommended solutions :
- Code corrections on ABAP system (sometime with manual operations)
- Patchs on JAVA system (a great help is SAP NW Java Support Tool) and other non-ABAP system
- Kernel patch or update
- Client patch (it's easier if you use a virtual client)
- Temporary workaround solution (like desactivating some components) waiting for a definitive solution
- Technical customizing on SSL communication, whitelist (RFC, HTTP, ...), technical accounts, ...
And if one system is a bit old, you could have to deal with a major upgrade as the only solution !
References :