Defend Mobile SAP CRM Systems with Defense in Depth

  • by Judith M. Myerson , Systems Engineer and Architect/Owner
  • February 11, 2010
Learn how to defend SAP CRM applications on a smartphone or a handheld device (with BlackBerry Sales Client as a specific example), and see why multiple layers of defense are more effective than a single layer when you use the defense-in-depth model.
Key Concept
Defense in depth is a strategy for creating multiple layers of defense to better protect the SAP CRM infrastructure. Risk management, network boundaries, threat levels, and support infrastructure are all part of a defense-in-depth implementation.

You need to do more than back up and restore SAP CRM manufacturing, service (non-financial), and healthcare data to safeguard it. Likewise, you need to do more than implement data retention policies when archiving SAP CRM data. To help protect your SAP CRM applications and business processes from potential attacks, you need a defense-in-depth model. This includes SAP CRM integration with BlackBerry devices for people who are rarely in the office — such as mobile developers, sales representatives, field service employees, and top managers. On-the-go SAP CRM users with BlackBerry devices are part of the larger picture of people who link to SAP systems other ways, such as through handhelds, netbooks, and the Web.

Defense in depth is a strategy based on creating multiple layers of defense for one or more SAP CRM applications or systems. Defending an application with multiple layers can prevent a single point of failure or noncompliance with data-retention policies. If one layer of defense is found to be inadequate, one or more other layers of defense will take over to better protect the applications and data. Each layer is used to prevent or minimize the exploitation of vulnerabilities — people, technology, and operations — of the SAP CRM applications or systems. With defense in depth, hackers find it harder to penetrate all defenses to compromise the security of the network, SAP CRM systems, and BlackBerry devices. Before you begin reading this article, you may want to refer to the sidebar “Glossary of Terms” for more information about the security terms I use.

Judith M. Myerson

Judith M. Myerson is a systems architect and engineer and an SAP consultant. She is the author of the Enterprise System Integration, Second Edition, handbook, RFID in the Supply Chain: A Guide to Selection and Implementation, and several articles on enterprise-wide systems, database technologies, application development, SAP, RFID technologies, project management, risk management, and GRC.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.