Principles for SAP Security
What can and should existing SAP customers do to close the gaps in SAP security? Swiss SAP experts from Itesys share tips for a secure SAP landscape. To protect their landscapes effectively, existing SAP customers should assume that an attacker has already successfully penetrated them, whether from inside or outside. The right starting point for increasing the level of security in SAP landscapes is the zero-trust approach. If the attacker is always already in the system, you can't trust anyone or anything and have to verify everyone and everything.
To develop an effective security concept based on the zero-trust approach, existing SAP customers should be guided by the following principles. Secure authentication should be enforced always and everywhere, and all communication should be secured. In addition, authorizations should be granted only to the extent that users need them to do exactly what they are supposed to do, and no more. It must also be clear and verifiable at all times who changes which settings; all of this must be logged accordingly. Zero trust means permanent mistrust, which is why user rights and their roles, transactions, services, etc. are checked regularly.
The entire IT stack, from the hardware and operating system to databases and SAP applications, must also always be kept up to date; accordingly, SAP customers should regularly evaluate and install security updates once they have been announced. Furthermore, the IT landscape should be able to compensate for partial failures, for example by segmenting the network and securing it with its own guidelines and measures, or by regularly practicing the recovery of services. These principles form the basis of any effective zero-trust architecture that existing SAP customers and partners can implement with the help of suitable tools and processes.