Are you prepared for a cyberattack? Our top tips for protecting your data

Posted by:
Kavita Majumdar

Publish Date:
22 Jun, 2022

Technology has played a profound role in revolutionizing the business landscape by simplifying business processes, adopting cloud technology, and communicating with clients or partner businesses on a global level. But with the many benefits that technology provides, the exposure to cyber threats is equally substantial. A cyberattack is a worst-case scenario for public sector entities that house large quantities of personal citizen data.  In some cases, these organizations are more vulnerable because they often have less advanced security measures and limited funding for technology advancements. A simple mistake or lack of understanding of what makes your organization susceptible to a cyberattack can lead to a massive security breach.   

The pandemic and the subsequent lockdowns and work-from-home scenarios have made these potential threats even more severe. With employees working on laptops from home, it has become necessary for data to be hosted and shared in data warehouses or the cloud. While this has been a great operational advancement, cybercriminals are mastering the art of accessing this sensitive data. It’s imperative to secure and diversify your organization's data security efforts.  

Here are a few examples to establish the gravity and extent of these crimes: 

  • According to Statista, a German database company, in 2019, globally, there were over 31,000 cybercrime incidents and approximately 4000 data breaches with confirmed data loss. The top three sectors targeted by cyber espionage in 2020 were Financial, Information and Public Administration. 
  • A Clark School study found that hackers attack computers with internet connections every 39 seconds on average. 

The examples are too many to ignore, and most of the cybercrime incidents are anchored around mobile malware, phishing, botnet attacks, and ransomware, to name a few. 

Business PCs are comparatively less at risk than computers at home since most businesses do have some sort of check on their systems. But is that sufficient? The magnitude of the loss of money and reputation through one security breach is enough to bring a company down. Organizations can implement various measures to avert and diminish losses to stave off potential cyberattacks. Below are some of the key steps recommended by experts at invenioLSI. 

 

Building Better security for your SAP ecosystem and your IT environment: 

Encrypt the communications in your SAP ecosystem (HTTPS for everything)

Encrypt data at rest 

Encrypt backups  

Set up Reverse Proxys for access to your applications  

✓  Never expose your application servers, ports, or HTTP true suffixes. Work with aliases and NAT ports

  External facing components must be placed on a different network segment with firewalls protecting your SAP environment

SAML2 Single Sign-on is a powerful asset. Especially when combined with two-factor authentication providers

Prefer certificate authentication over basic authentication methods

Always prefer newer SAP technology over older technology (i.e. UI5 development over WebGui development)

Work towards establishing a business release and functional release cycle strategy

Pay special attention to SAP Security Patch Day and stay on top of the game

Keep your business running by having the right partner and by developing a comprehensive "Business Continuity Plan":  

  Partner with a provider that has a strong knowledge in porting your SAP systems and can run them from a readily available cloud infrastructure

  Keep copies of your backups detached from your infrastructure

  Test your DR regularly. Get to know better accurate times and the effort involved in restoring your systems to a detached infrastructure

  In case of disaster, try to isolate your infrastructure as much as possible to reduce exposure (For example, turn off your LDAP bridge from IDP for Linux/UX environment authentication)

At invenioLSI, our solution architects specialize in understanding cybersecurity threats and go to great lengths while developing the technical landscape to think of every possible scenario to safeguard this data at every step.  

Contact Us!

 

Blog Author

Kavita Majumdar

Related Blogs

14 Jul, 2021

Using SAP S/4HANA adoption to embrace short-term

Throughout the Covid-19 pandemic, organisations using S/4HANA in their planning...

Learn more
9 Feb, 2021

Achieving Fast ROI from your SAP S/4HANA Migration

With the current uncertainties created by the pandemic and Brexit, companies...

Learn more
4 Feb, 2021

Why move to S/4HANA, and what are your options?

SAP S/4HANA is SAP's next-generation business suite built on the advanced...

Learn more