SAP Solutions for Finance and Cybersecurity Up Close: Highlights from SAP Insider’s Mastering SAP Event

Amit Bajaj, SAP Cybersecurity Consultant and Nanette Baber, SAP Product Lead for Finance and Cybersecurity at the SAP booth at Mastering SAP held at Crown Promenade.

SAP Insider has done it again this time at Mastering SAP in Melbourne, Australia which was held in July 2022.

The selected topics at the Mastering SAP series are a result of substantial research undertaken by SAP Insider. It is about understanding challenges and opportunities on how organisations can optimise the capability of their SAP assets for a better run business.

The speaker sessions and attendees were categorised according to streams such as Technologies and Cloud, Finance and Accounting, HR and Payroll, Analytics and Data, Security and Risk and Public Sector.  This year’s participation from SAP included sharing a customer’s experience with their finance transformation journey around end-to-end payment processes between the ERP and bank.  In a separate session we also featured the value that can be benefited from proactively managing cybersecurity threats on your SAP environment in conjunction with third-party events and protecting sensitive information.

Integration of end-to-end payment processes with the corporate ERP via bank connectivity

This has been a challenge for many corporates for more than twenty years.  The common question from SAP customers is “How do I integrate and automate bank connectivity with my ERP for a more straight-through payment process?  How about visibility of where payments are at and flexibility to onboard more banks in the future with minimal customisation, reduced cost and yet with standard support?”  What could be more native than the SAP Multi-Bank Connectivity (MBC)?  The MBC connector is embedded in S/4 HANA and part of the core ERP.  It is available to ECC users as an ABAP plug-in.  A Customer Success Manager and Technical Integration Engineer are provided to track the onboarding tasks, ensure that MBC communicates with the bank(s), and collaborate with the corporate and bank resources.

Tiina Kontkanen of Transport for NSW kindly shared their journey with moving away from a customised on-premise infrastructure to SAP Multi-Bank Connectivity SaaS.  They achieved end-to-end automated process and visibility of payment activities whilst still in alignment with NSW Government strategy.

Tiina Kontkanen, Director Product Technology at Transport for NSW

Proactive management of events that will help prevent a possible breach

At our cybersecurity session, it was evident that SAP users running third party SIEM (Security Information and Event Monitoring) systems will require SAP Enterprise Threat Detection as well to be able to capture and make sense of logs coming from their SAP environment.  Hence, arriving at a combined and holistic correlation of events across the enterprise.

SAP Enterprise Threat Detection (ETD) is a SIEM solution that collects logs from different SAP applications, analyses and correlates them against over one hundred fifty off-the-shelf use case patterns that may be adjusted, if desired, in an on-premise or private cloud edition scenario.  It is also available as Public Cloud which provides about fifty use case patterns that are ready-to-go.  SAP ETD is best to recognise, understand and interpret the behaviour of SAP logs enabling more accurate alerts that can be integrated with a third-party SIEM for a unified analysis and correlation according to the desired rules.  Thus, arriving at a more intelligent action that can be taken to prevent or neutralise the possible breach.

Amit Bajaj, SAP Cybersecurity Consultant demonstrating SAP Enterprise Threat Detection (On-Premise or Private Cloud Edition scenario).

Protection of the “crown jewel”

The dynamics of users, internal or partners, who have access to sensitive data, keep evolving.  It is common now to see mergers, acquisitions, and demergers.  This means that users may not necessarily require the same access to such data every time they change roles.  Therefore, SAP customers need a solution that will enable them to use the same backend for all users despite the role changes and yet be able to manage what can be accessed by a user based on attributes.

This is where SAP UI Data Protection Masking and Logging will come in.  “Masking” is obfuscating or concealing sensitive information at the UI level.  There is option for “Reveal On-Demand” should a particular task require it.  The user is asked for the reason and data is revealed.  The “Logging” feature allows for every activity in the UI layer logged.  Therefore, should there be any malicious intent or activity executed, it is all logged and auditable.

Overall, Mastering SAP was a successful event with over 800 attendees.  There were speakers from all over the world who shared their business transformation stories with the wider SAP community, customers, partners and SAP employees.

For further information on the following solutions, please see links:

SAP Multi-Bank Connectivity SAP Multi-Bank Connectivity

S/4HANA Finance (Cloud) for advanced payment management/ In-House Bank SAP S/4HANA Advanced Payment Management: Value in a Payment Factory

SAP Product Lifecycle Costing Product Costing | SAP Product Lifecycle Costing

SAP Enterprise Threat Detection SIEM and Cybersecurity | SAP Enterprise Threat Detection

SAP UI Data Protection Masking and Logging UI Data Security (UI Masking and UI Logging): External Presentation L1 (sap.com)