The greater degree of openness and integration that distinguish the latest SAP systems demand heightened security for business-critical data. The SAP consulting company Q-Partners is responding to this need by offering its customers the leading VSI 2.0-certified solution for the SAP interface–Deep Security from Trend Micro.
As certified SAP consultants, Q-Partners Consulting und Management GmbH partners its customers in the implementation of their SAP projects, from planning of the environment, through design and implementation of support processes, to actual system operation and continuous optimization.
In many enterprises, SAP systems are the IT backbone of business processes. "That's why quality in design and implementation is such an important part of what we do," points out Markus Stretz, Managing Director at Q-Partners.
"Over the course of many implementation projects, we've come to understand exactly what needs to be done." With this experience behind them, the consulting company has no difficulty finding the right solutions–software components, middleware solutions or data center implementations–to meet their customers' requirements. It's also essential for IT environments to have a sustainable design.
One key consideration in this regard is the security of the business environment. After all, business-critical data always requires special protection, regardless of where it is used–in finance and accounting, supplier and customer management, or production.
"Up until a couple of years ago, it was relatively easy to guarantee the required security. That's because SAP systems were used in isolation from other systems at the back end of the enterprise's IT environment, and were only connected to the outside world to a limited extent," Stretz explains. "These days, however, business-critical data can also be accessed from outside the controllable environment because business processes are now being made available as user-friendly apps or cloud services." As a result, the exposure to threats is now much greater. For example, files with active content (e.g. a Java script in a PDF document) may contain malicious code, which, if not detected in time, may pass unchecked into the SAP database. If the file is opened and the active content executed, this gives the threat actor control of the SAP server.
SAP itself does not offer its own protection against this type of threat, and relies instead on partners to guarantee content security using the Netweaver VSI interface. The latest version, VSI 2.0, targets two areas, i.e. the exchange of documents in business applications and the scanning of binary files as attachments in SAP systems like SAP Mail/Connect or KPro.
“With Deep Security, we can offer our customers the best possible solution that protects their infrastructure, including specific rules for SAP and similar systems, while also incorporating SAP VSI 2.0 functionality.”
Managing Director at Q-Partners
And the first joint customer projects in 2014 proved concrete evidence that Deep Security is indeed the right choice for Q-Partners. According to Stretz, "We were able to integrate the solution into an end-to-end server security concept. As well as protecting against malicious software and cross-site scripting, Deep Security can also protect physical, virtual or cloud-based infrastructures.” The multi-layered security solution also comprises a firewall, an IDS/IPS system and options such as integrity monitoring and log file analysis for enforcing compliance requirements.
Q-Partners also sees the high level of integration and centralization of security management processes as an added benefit for users. In this way, enterprises can reduce the administration and reporting costs associated with the protection of their SAP systems because different security products don't need to be managed alongside one another. Security professions also quickly learn to appreciate the way in which alert management and reporting are united on a single console, because this simplifies work and provides the overview they require of the many and varied threat scenarios that may arise. Additional operational efficiency also gives enterprises the option of automating activities such as updates or scanning.
“As well as protecting against malicious software and cross-site scripting, Deep Security can also protect physical, virtual or cloud-based infrastructures.”
Managing Director at Q-Partners