{"id":36593,"date":"2018-02-14T10:33:58","date_gmt":"2018-02-14T09:33:58","guid":{"rendered":"https:\/\/e326.greatsolution.dev\/?p=33031"},"modified":"2022-05-01T08:27:10","modified_gmt":"2022-05-01T06:27:10","slug":"the-crux-with-the-sap-interfaces","status":"publish","type":"post","link":"https:\/\/e326.greatsolution.dev\/en\/the-crux-with-the-sap-interfaces\/","title":{"rendered":"The crux with SAP interfaces"},"content":{"rendered":"<p>SAP system environments are constantly growing and changing. This is due to general market developments, such as globalization, which leads to increasingly complex business processes. Companies are expanding, merging and acquiring other companies. Added to this are new digitization trends, for example cloud computing and Industry 4.0, which require increasingly strong IT networking.<\/p>\n<p>Over the years, this has resulted in heterogeneous system landscapes in many places with up to several thousand data interfaces connecting SAP applications with each other, but also with non-SAP systems.<\/p>\n<p>In addition to the well-known interfaces, there are several that the system administrators are not even aware of as such, such as unauthorized downloads of lists via the SAP GUI, direct access to the database or communication with external systems.<\/p>\n<h3>Loophole for data thieves<\/h3>\n<p>If these interfaces are outdated, incorrectly configured or inadequately protected, they offer hackers attractive gateways to access information. Data thieves, economic spies and saboteurs are then able to copy, change or delete entire data sets and thus falsify the balance sheet result or shut down the SAP system completely.<\/p>\n<p>This can have considerable financial and legal consequences for a company, and its reputation also suffers. The pressure is intensified by increasingly strict statutory data protection laws, such as the new EU General Data Protection Regulation (GDPR), which is mandatory from May 25, 2018.<\/p>\n<p>The EU GDPR standardizes the rules for the processing of personal data by companies and public institutions throughout the EU. 
These will be obliged to take appropriate technical and organizational measures to protect personal data, for example, against processing by unauthorized persons and against accidental loss.<\/p>\n<p>In addition, the documentation requirements will be tightened compared to the previously applicable data protection regulations: For example, the data controller should be able to prove compliance with the EU GDPR guidelines. Violations are punishable by high fines of up to 20 million euros or up to 4 percent of a company's annual global sales.<\/p>\n<p>Although the risks of unsecured SAP interfaces have long been known, most companies do not have the problem under control - mainly because there is no comprehensive transparency about the existing interfaces.<\/p>\n<p><a href=\"https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/01\/Oleksandr-Panchenko-infra-1802.jpg\"><img loading=\"lazy\" decoding=\"async\" title=\"The crux with the sap interfaces\" class=\"aligncenter size-full wp-image-33036\" src=\"https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/01\/Oleksandr-Panchenko-infra-1802.jpg\" alt=\"Oleksandr Panchenko Infra 1802\" width=\"800\" height=\"356\"><\/a><\/p>\n<h3>No central documentation<\/h3>\n<p>As a rule, there is no central office that has complete documentation of all interfaces and the data exchanged via them. Often, the departments negotiate the interfaces of their SAP systems directly with the customers, suppliers or system manufacturers without this being included in a cross-company inventory.<\/p>\n<p>Thus, it is hardly possible for companies to continuously evaluate and monitor the current SAP interfaces in order to protect them against possible attacks. 
Nor are they in a position to comply with the provisions of the EU GDPR, since they do not even know exactly which SAP interfaces are, or could be, used to exchange personal information.<\/p>\n<p>Without this knowledge, however, they cannot prove that they have secured the relevant interfaces in accordance with the state of the art in order to protect the personal data from unauthorized access or accidental leakage.<\/p>\n<h3>A lot of effort for manual analyses<\/h3>\n<p>To avoid such problems and gain transparency about their interface landscape, some companies already rely on manual analyses of the security-critical parameters of the interfaces and of runtime statistics.<\/p>\n<p>However, these evaluations can usually only be carried out on a spot-check basis, as they are enormously time-consuming. Similar limitations exist in the use of various analysis tools offered on the market.<\/p>\n<p>There are three main reasons for this. First, the existing solutions focus on the evaluation of individual interface technologies, many of which exist side by side in an evolved SAP system environment: for example, Remote Function Call (RFC), HTTP, FTP, Java Connector (JCo) and many others.<\/p>\n<p>Anyone who wants to gain as complete an overview as possible of the interfaces currently available must therefore analyze each technology individually and consolidate the results manually, which again takes considerable time and money.<\/p>\n<h3>Available solutions are not enough<\/h3>\n<p>Another disadvantage of the available solutions is that they analyze the interfaces and data flows only locally, i.e., from a single system. However, to obtain as complete a picture as possible of the communication relationships within an SAP system landscape, each interface must be evaluated on both sides.<\/p>\n<p>Many conventional analysis tools focus on just one problem, such as the question of which data is downloaded via the SAP GUI. 
Either way, they give only a partial view of the existing interface landscape.<\/p>\n<p>Companies can gain a complete overview with solutions such as Virtual Forge InterfaceProfiler. They can create a model or set of rules for the desired SAP system and interface landscape and compare it with the information collected on an ongoing basis (target\/actual analysis).<\/p>\n<p>In the process, the deviations are reported and documented. Starting from a central SAP system, the InterfaceProfiler analyzes the communication relationships of the entire system environment.<\/p>\n<p>The results are presented graphically and logs of the vulnerabilities found, including their criticality, are generated. In addition, suggestions are made for possible improvements to the security and technical design of the interfaces.<\/p>\n<p>With special security functions, it is possible to counter numerous risks in daily system operation at the push of a button, for example by blocking authorizations to download results lists in the SAP GUI.<\/p>\n<p>Likewise, copy-and-paste operations on ALV lists can be prevented. The permissions can be displayed clearly and at a fine-grained level in the cockpit of the InterfaceProfiler, an important requirement for complying with the GDPR.<\/p>\n<p>A monitoring component provides information about interfaces that are still technically functional but have not been used for some time. In addition, the usage intervals of interfaces that are still in use can be determined, so that unauthorized, unscheduled interface activities can be identified. 
All events are logged extensively and can be actively reported.<\/p>\n<p><a href=\"https:\/\/e326.greatsolution.dev\/en\/partners\/virtual-forge-gmbh\/\"><img loading=\"lazy\" decoding=\"async\" title=\"The crux with the sap interfaces\" class=\"aligncenter wp-image-21420 size-full\" src=\"https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2017\/05\/VirtualForge.jpg\" alt=\"https:\/\/e326.greatsolution.dev\/partners\/virtual-forge-gmbh\/\" width=\"1000\" height=\"112\" srcset=\"https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2017\/05\/VirtualForge.jpg 1000w, https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2017\/05\/VirtualForge-768x86.jpg 768w, https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2017\/05\/VirtualForge-100x11.jpg 100w, https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2017\/05\/VirtualForge-480x54.jpg 480w, https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2017\/05\/VirtualForge-640x72.jpg 640w, https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2017\/05\/VirtualForge-720x81.jpg 720w, https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2017\/05\/VirtualForge-960x108.jpg 960w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>Unprotected SAP interfaces open the door to hackers. Many companies are aware of this, but still do not have adequate security measures in place. 
What is needed are solutions with which the interfaces can be analyzed and monitored across the board.<\/p>","protected":false},"author":1377,"featured_media":36785,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"pmpro_default_level":"","footnotes":""},"categories":[5,20361],"tags":[621,11281,5519,637,367,4192],"coauthors":[21854],"class_list":["post-36593","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-management","category-mag-1802","tag-cloud-computing","tag-dsgvo","tag-globalisierung","tag-hacker","tag-industrie-4-0","tag-sap-gui","pmpro-has-access"],"acf":[],"featured_image_urls_v2":{"full":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",1000,453,false],"thumbnail":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-150x150.jpg",150,150,true],"medium":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",400,181,false],"medium_large":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-768x348.jpg",768,348,true],"large":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",1000,453,false],"image-100":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-100x45.jpg",100,45,true],"image-480":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-480x217.jpg",480,217,true],"image-640":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-640x290.jpg",640,290,true],"image-720":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-720x326.jpg",720,326,true],"image-960":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-960x435.jpg",960,435,true],"image-1168":["h
ttps:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",1000,453,false],"image-1440":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",1000,453,false],"image-1920":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",1000,453,false],"1536x1536":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",1000,453,false],"2048x2048":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",1000,453,false],"trp-custom-language-flag":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",18,8,false],"bricks_large_16x9":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",1000,453,false],"bricks_large":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",1000,453,false],"bricks_large_square":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",1000,453,false],"bricks_medium":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",600,272,false],"bricks_medium_square":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817.jpg",600,272,false],"profile_24":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-24x24.jpg",24,24,true],"profile_48":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-48x48.jpg",48,48,true],"profile_96":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-96x96.jpg",96,96,true],"profile_150":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-150x150.jpg",150,150,true],"profile_300":["https:\/\/e326.greatsolution.dev\/wp-content\/uploads\/2018\/04\/shutterstock_619960817-30
0x300.jpg",300,300,true]},"post_excerpt_stackable_v2":"<p>Unprotected SAP interfaces open the door to hackers. Many companies know this, yet to this day they have no adequate security measures in place. What is needed are solutions with which the interfaces can be analyzed and monitored across the board.<\/p>\n","category_list_v2":"<a href=\"https:\/\/e326.greatsolution.dev\/en\/category\/it-management\/\" rel=\"category tag\">IT-Management<\/a>, <a href=\"https:\/\/e326.greatsolution.dev\/en\/category\/mag-1802\/\" rel=\"category tag\">MAG 18-02<\/a>","author_info_v2":{"name":"Oleksandr Panchenko, Virtual Forge","url":"https:\/\/e326.greatsolution.dev\/en\/author\/oleksandr-panchenko\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/e326.greatsolution.dev\/en\/wp-json\/wp\/v2\/posts\/36593","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/e326.greatsolution.dev\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/e326.greatsolution.dev\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/e326.greatsolution.dev\/en\/wp-json\/wp\/v2\/users\/1377"}],"replies":[{"embeddable":true,"href":"https:\/\/e326.greatsolution.dev\/en\/wp-json\/wp\/v2\/comments?post=36593"}],"version-history":[{"count":0,"href":"https:\/\/e326.greatsolution.dev\/en\/wp-json\/wp\/v2\/posts\/36593\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/e326.greatsolution.dev\/en\/wp-json\/wp\/v2\/media\/36785"}],"wp:attachment":[{"href":"https:\/\/e326.greatsolution.dev\/en\/wp-json\/wp\/v2\/media?parent=36593"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/e326.greatsolution.dev\/en\/wp-json\/wp\/v2\/categories?post=36593"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/e326.greatsolution.dev\/en\/wp-json\/wp\/v2\/tags?post=36593"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/e32
6.greatsolution.dev\/en\/wp-json\/wp\/v2\/coauthors?post=36593"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}