Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
Showing results for 
Search instead for 
Did you mean: 

Welcome! In this blog post, we'll dive into a unique hands-on session available on GitHub, designed to show a first glimpse of the SAP Business Technology Platform (BTP) Security Recommendations. This session is part of the virtual SAP TechEd 2023, marked as XP185v - a valuable resource for those seeking to enhance their BTP environment's security.

Overview: The XP185v session provides an understanding of the security recommendations for SAP BTP services and how to effectively implement them. These recommendations are crucial for configuring your SAP BTP services, ensuring compliance, and safeguarding your business. They're readily accessible on the SAP Help Portal under the SAP Business Technology Platform section.

Requirements: To embark on this hands-on journey, you'll need a few prerequisites:

  1. An active Trial Account for SAP BTP.  Follow the instructions: Get a Free Account on SAP BTP Trial

  2. Access to SAP Cloud Identity Services as a trial version. Follow the instructions in this blog: SAP Cloud Identity Services offered as Trial Version

  3. A time-based one-time password (TOTP) authentication application on your mobile device, like SAP Authenticator, Google Authenticator, or Microsoft Authenticator.

Let's Get Started: Now that you've met the requirements, you're all set to dive into the exercises. They are available and described here:  #XP185v - Get Hands-On Security Recommendations for Your SAP BTP Environment

Here's a sneak peek of what you'll be exploring:

Exercise 1 - Enable Multi-Factor Authentication for Applications:

  • Set up SAP Build Apps and access them using your trial identity provider user.

  • Configure Multi-Factor Authentication for SAP Build Apps.

  • Enable MFA for your user.

Exercise 2 - Security Recommendations regarding User Access and Authentication:

  • Manage obsolete administrators.

  • Define a custom password policy.

  • Keep public access to applications disabled by disallowing self-registration.

  • Ensure Social Sign-On remains disabled.

Exercise 3 - Security Recommendations regarding the Audit Log:

  • Subscribe to the SAP Audit Log Viewer service.

  • Configure the SAP Audit Log Viewer service.

  • Check the audit logs and download entries via the SAP Audit Log Viewer service.

Conclusion: This hands-on experience is a great opportunity to learn how to strengthen your SAP BTP environment's security. By implementing BTP security recommendations, you're not only meeting your compliance goals but also fortifying your business against potential threats. With this practical guide, you'll gain valuable insights into securing your SAP BTP services effectively.

So, don't miss out on the chance to boost your SAP BTP security expertise. Dive into the XP185v session and equip yourself with the knowledge and skills needed to protect your valuable assets. Happy learning and securing!


1 Comment