Altán Networks gets holistic view of SAP environment with an SAP Assessment

About the Customer

Altán Networks is one of the largest telecommunications conglomerates in North America. Securing the S/4HANA® System is mission-critical to reach the company’s business objectives: To cover at least 92,2% of the Mexican country with 4.5G services.

The Challenge

Altán Networks have various external service providers who host and manage the existing SAP environment. The responsibility to safeguard critical applications like SAP was non-negotiable for José Márquez, CISO (Chief Information Security Officer) of Altán Networks. Due to his career path he has an advanced understanding of both SAP and cybersecurity. Understanding the existing attack surface in SAP and establishing an effective security strategy covering people, processes, and technology was the challenge ahead.

Our Strategy

Aligning the SAP and security team to gain a common understanding of responsibilities and required skills is fundamental to implementing a security strategy. By applying the NO MONKEY Security Matrix in technical assessments and subsequent workshops, we identify security white spots and critical vulnerabilities in a comprehensive way aligned with the SAP Security Maturity Model. Thus the management of findings is approached collaboratively by identifying and addressing their root causes.

Our Solution

Customising an SAP assessment around the business requirements and objectives of Altán Networks enabled us to provide a holistic overview of the different pain points around their SAP environment. While other service providers might concentrate on protecting the technology of SAP alone, we ensured that all the critical assets (people, process, and technology) are included. Our holistic approach didn’t only stop there but also made sure that a continuous protection plan was provided and aligned with the entire organisation’s security objectives and requirements.

“SAP Security can be a minefield for the reactive organisation. To reduce risk and safeguard our crown jewels, we have to think ‘end-to-end’ and be prepared to step outside the lines of boxed-in thinking. We practice a continuous, proactive approach to securing SAP applications based on processes, technology and people.”

Dipl.-Inf. José Márquez
Chief Information Security Officer at Altán Networks

“Customizing services around an organisation’s security requirement is an approach that has been effective to find the appropriate protection measures across people, process, and technology.”

Waseem Ajrab
Head of Advisory at NO MONKEY

Stay Informed With the Latest From NO MONKEY

Subscribe to NO MONKEY Updates to stay informed with the latest security tips, events, Open Trainings Session Calendar, Academy course offerings, Advisory services, and blog articles.