Posts Posts by: "Carsten Olt"

Make Me The Boss

by

In a default SAP setup, users enter their SAP user name and password on the SAP GUI login screen. SAP user names and passwords are transferred through the network without encryption. To secure networks, SAP provides a “Secure Network Communications” interface (SNC) that enables users to log on to SAP systems without entering a user…(Read More)

SAP Single Sign-On Insider Tips – Volume #5

Welcome to volume #5 of our “SSO Insider Tips” blog series. This blog is written in the documentation style and is about a topic that occurs now and then. It exemplifies the systematically excluded possible solutions for our customer and ends with a conclusion, taking the existing customer environment and requirements into account. Other articles…(Read More)

SSO vs. MFA

SSO vs. MFA

by

Some IT security managers are concerned about the fact, that a badly implemented Single Sign-On (SSO) will weaken overall security and may grant unauthorized access to every system tied into it. SSO provides access to many resources once the user is initially authenticated (“keys to the castle”), which increases the negative impact in case…(Read More)

SAP Single Sign-On Insider Tips

Welcome to volume #4 of our “SSO Insider Tips” blog series in which we like to share best practices with you to make your SSO projects even more successfully and save yourself many headaches. Other articles in this blog series include: SAP Single Sign-On Insider Tips – Volume #3SAP Single Sign-On Insider Tips – Volume…(Read More)

You are faced with the challenge of migrating your current SSO solution to SAP Single Sign-On 3.0 but question yourself how to migrate without a big bang approach? I am glad you asked! Migration Steps I was busy for a while but thought it would be a good time for a blog…(Read More)

SAP Single Sign On

Welcome to a new article of our “Insider Tips” series. If you are a loyal reader of our blog, you already know the benefits of Single Sign-On for SAP. SAP’s standard login procedures are insecure and not user-friendly. In our previous articles, we talked about how to achieve secure DIAG, RFC, and…(Read More)

SAP Single Sign On

“Insider Tips” talks about some of the lesser known configuration options of SAP Single Sign-On. In volume #2 and upcoming blog articles, we will look at best practices for hardening your SAP Single Sign-On implementation. We will discuss challenges companies face when trying to enforce encryption for SAP GUI and RFC. We will…(Read More)

SAP Single Sign On

The SAP system architecture uses security libraries that enable encryption, advanced authentication mechanisms or digital signatures in SAP applications. In the past, the ABAP kernel shipped with the SAP Cryptographic Library (SAPCRYPTOLIB) as the default security product for SAP systems. It supports the use of digital signatures according to the Secure Store and Forward (SSF…(Read More)