Well-designed Identity & Access Management (IAM) in conjunction with multi-factor authentication (MFA) is an indispensable tool for protecting against cyber attacks and unauthorized access to sensitive company data. MFA in particular plays a crucial role here. Without it, companies are much more vulnerable to phishing attacks.
However, multi-factor authentication can mean a great deal of effort for users if it is not used in combination with single sign-on (SSO). By combining SSO and MFA, employees enjoy maximum protection against unauthorized access without having to authenticate themselves every time they access different applications. In today’s world of complex system landscapes, single sign-on and multi-factor authentication are not a luxury, but an indispensable prerequisite for the management and control of identities, access and authorizations.
The current SSO solution from SAP is called SAP Single Sign-On 3.0 and is still in use in the system landscapes of many companies. Typically, SAP SSO 3.0 runs via the SAP NetWeaver Application Server Java as a certification service via on-premise systems. With the discontinuation of SAP NetWeaver 7.5, support for SAP Single Sign-On 3.0 will also end on December 31, 2027.
As the cloud-based successor to SAP Single Sign-On and future certification powerhouse, SAP is relying on SAP Secure Login Service for SAP GUI. With it, companies benefit from the classic advantages of a cloud-based authentication point in terms of
Scalability and flexibility
Cost and effort efficiency
Security and reliability
SAP Secure Login Service for SAP GUI is particularly impressive due to its simple structure. Once it has been set up, further configurations can be carried out via uncomplicated steps in SAP Identity Authentication Service (IAS). Even multi-factor authentication can be easily integrated into the authentication process. In addition, SAP Secure Login Service for SAP GUI connects seamlessly with existing SAP landscapes and supports a variety of authentication methods and technologies.
The IAS offers many advantages as an authentication point. One of these is the ability to define different authentication processes based on various factors.
Source: SAP
For example, MFA can be defined for external access to the company network or for certain user groups, or authentication against different identity providers can be mapped using the mail domain. This makes it much easier to manage different identity providers.