SAP launches two security initiatives

Program certifies consultants' knowledge of security tools applicable to SAP technology

SAP AG has launched two new initiatives aimed at helping customers secure their SAP software systems.

Under the SAP Consultant Certification program, consultants can verify their knowledge of security tools and measures that are applicable to SAP technology, the company said Tuesday in a statement.

Consultants can choose from more than 80 tests covering the SAP NetWeaver integration platform, the company's business suite of applications, industry-specific systems and software for small and medium-size businesses. The tests consists of questions on topics ranging from administration of users and authorization to firewalls, networks, and routers.

So far, more than 20 consultancies have been certified, including Atos Origin in Paris, Deloitte & Touche Singapore, and EDS Enterprise Solutions and EDS Enterprise Solutions in South Africa, a unit of EDS Corp.

The other initiative involves virus-scanning software. Responding to the growing use of Internet protocols in enterprise software and the threat of a computer virus crashing the underlying operating system and bringing down SAP applications with it, the Walldorf, Germany, vendor extended its Certified Integration program to include virus-scanning software.

Providers of virus-scanning software can submit their products to SAP's Integration and Certification Centers to have their interfaces tested and certified. The first virus-scan software provider to have its software interface endorsed is H+BEDV Datentechnik GmbH.

In the area of security software, SAP has certified interfaces to more than 50 third-party products in areas such as digital signatures, encryption, directory services, secure network communications and system audits.

In December, SAP launched a new remote security evaluation service. As part of its Security Optimization Service, the company performs remote evaluations of customers' systems, searching for vulnerabilities in SAP applications, middleware and Internet gateways, as well as interfaces to partners' systems and user authorizations. Following the evaluation, SAP will suggest fixes.