Skip to content

How the SAP S/4HANA 2023 security enhancements affect your organisation - SNOK expertise

Have you ever wondered how to protect your SAP infrastructure against various threats? If so, the latest release of SAP S/4HANA 2023 has several interesting developments for you. In this article we take a detailed look at the "Secure By Default" features and their impact on the landscape...

Have you ever wondered how to protect your SAP infrastructure against various threats? If so, the latest release of SAP S/4HANA 2023 has several interesting developments for you. In this article we take a detailed look at the “Secure By Default” features and their impact on the SAP landscape - and at how SNOK, as an SAP Gold Partner, can help you understand and implement these enhancements.

What is “Secure By Default”?

“Secure By Default” is a concept that has become an operating philosophy at SAP. In the latest release, S/4HANA 2023, several key enhancements have been introduced to raise the system’s overall level of security. These are listed below:

  • Disabling legacy tickets for trusted communication: older trusted-communication methods have been identified as insecure and have therefore been disabled.

  • Preventing the assignment of users to roles as part of transports: this feature is designed to avoid situations where users gain elevated authorisations in higher-tier systems as a result of importing transports.

  • Improvements to the analysis and usability of RFC and SICF logs: enhancements have been introduced to support the deactivation of unused RFC function modules and SICF services, reducing the attack surface.

  • Blocking the use of invisible characters in usernames: this feature is designed to prevent unexpected situations for end users.

  • Automatic activation of HANA data-at-rest encryption: this feature, part of the HANA2 SP07 installation, ensures that business data cannot be accessed at the file-system level.

  • Granular logging of “Secure By Default” activation in the application log: this feature facilitates debugging, particularly during system conversions.

Each of these features is designed to raise the level of security in SAP S/4HANA 2023 and represents an important step towards building more secure systems.

Why does this matter?

Security in SAP is not solely a matter of protecting against external attacks. It also concerns access management and data protection. New features, such as the automated activation of HANA data-at-rest encryption, are key to protecting sensitive business data.

How can SNOK help?

As an SAP Gold Partner, SNOK offers a broad range of SAP-related services, including SAP Basis, SAP Analytics and SAP Cybersecurity. This means we are well positioned to help you understand and implement the new security features in SAP S/4HANA 2023. Our services also include advisory support on best practices and the tailoring of security settings to individual organisational needs.

What comes next?

Although SAP is making significant progress in the field of security, organisations remain responsible for further securing their own systems. This can be done using tools and services provided by SAP, such as EarlyWatch Alert or Configuration Validation. But that is not the end of the journey. Security is an ongoing process that requires regular reviews and updates.

Summary

“Secure By Default” in SAP S/4HANA 2023 is a significant step forward in cybersecurity. It provides a solid foundation, but this is only the beginning. The key is individual assessment and continuous improvement to ensure the highest level of security. And if you need support in this area, SNOK is here to help.

Tematy: Other sap-security SAP S/4HANA

Get in touch